Metrics
Affected Vendors & Products
Solution
IBM strongly encourages customers to update their systems promptly Product(s)Version(s)Remediation/Fix/InstructionsIBM Transformation Advisor2.0.1 - 4.3.1Install v4.3.2 from OperatorHub page in Red Hat OpenShift Container Platform or locally following this link http://ibm.biz/cloudta-trial .
Workaround
No workaround given by the vendor.
Link | Providers |
---|---|
https://www.ibm.com/support/pages/node/7243632 |
![]() ![]() |
Mon, 29 Sep 2025 18:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:ibm:transformation_advisor:*:*:*:*:*:*:*:* |
Wed, 03 Sep 2025 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 03 Sep 2025 19:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | IBM Transformation Advisor 2.0.1 through 4.3.1 incorrectly assigns privileges to security critical files which could allow a local root escalation inside a container running the IBM Transformation Advisor Operator Catalog image. | |
Title | IBM Transformation Advisor incorrect permissions | |
First Time appeared |
Ibm
Ibm transformation Advisor |
|
Weaknesses | CWE-732 | |
CPEs | cpe:2.3:a:ibm:transformation_advisor:2.0.1:*:*:*:*:*:*:* cpe:2.3:a:ibm:transformation_advisor:4.3.1:*:*:*:*:*:*:* |
|
Vendors & Products |
Ibm
Ibm transformation Advisor |
|
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: ibm
Published:
Updated: 2025-09-03T20:08:27.956Z
Reserved: 2025-04-15T21:16:24.268Z
Link: CVE-2025-36193

Updated: 2025-09-03T20:08:24.825Z

Status : Analyzed
Published: 2025-09-03T19:15:34.440
Modified: 2025-09-29T18:35:52.077
Link: CVE-2025-36193

No data.

No data.