Security Bulletin: IBM InfoSphere Information Server containers are vulnerable to privilege escalation

Summary

A privilege escalation vulnerability was addressed in IBM InfoSphere Information Server.

Vulnerability Details

CVEID: CVE-2019-4185
DESCRIPTION: IBM InfoSphere Information Server containers are vulnerable to privilege escalation due to an insecurely configured component.
CVSS Base Score: 8.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/158975 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)

Affected Products and Versions

The following products, running on all supported platforms, are affected:
IBM InfoSphere Information Server: version 11.7.1
IBM InfoSphere Information Server on Cloud: version 11.7.1

Remediation/Fixes

Product | VRMF | APAR | Remediation/First Fix
---|---|---|---
InfoSphere Information Server, Information Server on Cloud | 11.7 | — | Apply IBM InfoSphere Information Server version 11.7.1.0; Apply IBM InfoSphere Information Server 11.7.1.0 Fix Pack 1

Workarounds and Mitigations

Perform the following steps to secure your environment:

1. List your kube-system namespace
   > kubectl get deployments -n kube-system
2. List the pods in your kube-system namespace
   > kubectl get deployments -n kube-system
3. Delete the tiller pod
   > kubectl delete deployment tiller-deploy --namespace=kube-system
4. Verify that the tiller pod was deleted by examining the output of command
   > kubectl get deployments -n kube-system

Verify that helm is working by…

