IBM Transformation Advisor Privilege Escalation Vulnerability in Operator Catalog Image
Vulnerability
A privilege escalation vulnerability has been identified in IBM Transformation Advisor versions 2.0.1 through 4.3.1. The issue arises from incorrect privilege assignments to security-critical files, potentially allowing local root access within a container running the IBM Transformation Advisor Operator Catalog image.
Impact
Exploitation of this vulnerability could lead to unauthorized local root access within the affected container.
Remediation
Users are advised to update to version 4.3.2, available from the OperatorHub page in Red Hat OpenShift Container Platform or locally via the IBM Cloud Transformation Advisor trial link.
