Operator has the right to edit variables when relaunching job
Article ID: 86310
Updated On:
Products
CA Automic Dollar Universe
Issue/Introduction
Error Message :
There is no error message
Patch level detected:Dollar Universe 6.1.00
Product Version: Dollar.Universe 6.1.0
Description :When jobs are launch manually by operators, the operator can edit the variables within the task without permission.
The content of Uproc variables on DU6 Linux (possibly Unix too) can be passed on to the O.S. by DU and interpreted. This can lead to privilege escalation and execution of malicious commands.
There is no error message
Patch level detected:Dollar Universe 6.1.00
Product Version: Dollar.Universe 6.1.0
Description :When jobs are launch manually by operators, the operator can edit the variables within the task without permission.
The content of Uproc variables on DU6 Linux (possibly Unix too) can be passed on to the O.S. by DU and interpreted. This can lead to privilege escalation and execution of malicious commands.
Cause
Cause type:
By design
Root Cause: N/A
By design
Root Cause: N/A
Environment
OS: All
Resolution
Be sure operator edit the variables correctly when needed.
Fix Status: No Fix
Fix Status: No Fix
Additional Information
Workaround :
N/A
N/A
Feedback
Yes
No
Powered by
