CVE-2017-1716

low

Published 2017-12-13 · Modified 2026-05-13

CVSS v3

3.3

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CVSS v2

2.1

VIR risk

3.3

Description

IBM Tivoli Workload Scheduler 8.6.0, 9.1.0, and 9.2.0 could disclose sensitive information to a local attacker due to improper permission settings. IBM X-Force ID: 134638.

Predictions

Exploit likelihood

34%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: psirt@us.ibm.com — https://exchange.xforce.ibmcloud.com/vulnerabilities/134638

vendor Authored 2026-05-27

Vendor advisory: psirt@us.ibm.com — http://www-01.ibm.com/support/docview.wss?uid=swg22010947

Application impact

Vendor	Product	Versions
ibm	tivoli_workload_scheduler	`8.6`
ibm	tivoli_workload_scheduler	`9.1`
ibm	tivoli_workload_scheduler	`9.2`

References

http://www-01.ibm.com/support/docview.wss?uid=swg22010947
http://www.securityfocus.com/bid/101974
https://exchange.xforce.ibmcloud.com/vulnerabilities/134638
http://www-01.ibm.com/support/docview.wss?uid=swg22010947
http://www.securityfocus.com/bid/101974
https://exchange.xforce.ibmcloud.com/vulnerabilities/134638

CWEs

CWE-732

Verify integrity in audit chain (admin only). AS-IS.