{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-6389", "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "state": "PUBLISHED", "assignerShortName": "ibm", "dateReserved": "2026-04-15T19:41:36.801Z", "datePublished": "2026-04-30T21:17:06.371Z", "dateUpdated": "2026-04-30T21:17:06.371Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm", "dateUpdated": "2026-04-30T21:17:06.371Z"}, "title": "IBM Turbonomic Prometurbo agent used by IBM Turbonomic Application Resource Management is affected by a single vulnerability", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management", "type": "CWE"}]}], "affected": [{"vendor": "IBM", "product": "Turbonomic prometurbo agent", "versions": [{"status": "affected", "version": "8.16.0", "lessThanOrEqual": "8.17.6", "versionType": "semver"}], "cpes": ["cpe:2.3:a:ibm:turbonomic_prometurbo_agent:8.16.0:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:turbonomic_prometurbo_agent:8.17.6:*:*:*:*:*:*:*"]}], "descriptions": [{"lang": "en", "value": "IBM Turbonomic prometurbo agent 8.16.0 through 8.17.6 IBM Turbonomic Application Resource Management grants excessive cluster\u2011wide permissions, including unrestricted read access to all secrets. An attacker that compromises the operator or its service account can exfiltrate sensitive credentials, escalate privileges, and potentially achieve full cluster compromise.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>IBM Turbonomic prometurbo agent 8.16.0 through 8.17.6 IBM Turbonomic Application Resource Management grants excessive cluster\u2011wide permissions, including unrestricted read access to all secrets. An attacker that compromises the operator or its service account can exfiltrate sensitive credentials, escalate privileges, and potentially achieve full cluster compromise.</p>"}]}], "references": [{"url": "https://www.ibm.com/support/pages/node/7270720", "tags": ["vendor-advisory", "patch"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseSeverity": "HIGH", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}}], "solutions": [{"lang": "en", "value": "IBM strongly recommends addressing the vulnerability now by re-installing a version of prometurbo with the required fixes.\n\nProduct(s)Version(s) number and/or range\u00a0Remediation/Fix/InstructionsIBM Turbonomic prometurbo agent8.18.0\n\nFollow the installation instructions https://www.ibm.com/docs/en/tarm/8.19.4 from the IBM Turbonomic documentation", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p><strong>IBM strongly recommends addressing the vulnerability now by re-installing a version of prometurbo with the required fixes.</strong></p><div><table><tbody><tr><td><strong>Product(s)</strong></td><td><strong>Version(s) number and/or range&nbsp;</strong></td><td><strong>Remediation/Fix/Instructions</strong></td></tr><tr><td>IBM Turbonomic prometurbo agent</td><td>8.18.0</td><td><p>Follow the <a href=\"https://www.ibm.com/docs/en/tarm/8.19.4?topic=configuration-prometheus\" rel=\"nofollow\">installation instructions</a> from the IBM Turbonomic documentation</p></td></tr></tbody></table></div><p></p><p></p>"}]}], "x_generator": {"engine": "ibm-cvegen"}, "credits": [{"lang": "en", "value": "This vulnerability was reported to IBM by Lior Yakim.", "type": "finder"}]}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "IBM Turbonomic prometurbo agent 8.16.0 through 8.17.6 IBM Turbonomic Application Resource Management grants excessive cluster\u2011wide permissions, including unrestricted read access to all secrets. An attacker that compromises the operator or its service account can exfiltrate sensitive credentials, escalate privileges, and potentially achieve full cluster compromise."}], "id": "CVE-2026-6389", "lastModified": "2026-04-30T22:16:26.207", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.0, "impactScore": 6.0, "source": "psirt@us.ibm.com", "type": "Primary"}]}, "published": "2026-04-30T22:16:26.207", "references": [{"source": "psirt@us.ibm.com", "url": "https://www.ibm.com/support/pages/node/7270720"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}], "source": "psirt@us.ibm.com", "type": "Primary"}]}

{}

{}