exploitDog

GHSA-hrgv-4496-v5w7

Опубликовано: 23 июл. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 6.3

Описание

IBM Db2 Mirror for i 7.4, 7.5, and 7.6 does not disallow the session id after use which could allow an authenticated user to impersonate another user on the system.

IBM Db2 Mirror for i 7.4, 7.5, and 7.6 does not disallow the session id after use which could allow an authenticated user to impersonate another user on the system.

Ссылки

EPSS

Процентиль: 10%

0.00034

Низкий

6.3 Medium

CVSS3

CVE ID

Дефекты

CWE-384

Связанные уязвимости

CVE-2025-36117

CVSS3: 6.3

nvd

7 месяцев назад

IBM Db2 Mirror for i 7.4, 7.5, and 7.6 does not disallow the session id after use which could allow an authenticated user to impersonate another user on the system.

EPSS

Процентиль: 10%

0.00034

Низкий

6.3 Medium

CVSS3

CVE ID

Дефекты

CWE-384