exploitDog

GHSA-rg5x-cqqj-3xmv

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.3

Описание

IBM i 7.4 users who have done a Restore User Profile (RSTUSRPRF) on a system which has been configured with Db2 Mirror for i might have user profiles with elevated privileges caused by incorrect processing during a restore of multiple user profiles. A user with restore privileges could exploit this vulnerability to obtain elevated privileges on the restored system. IBM X-Force ID: 165592.

IBM i 7.4 users who have done a Restore User Profile (RSTUSRPRF) on a system which has been configured with Db2 Mirror for i might have user profiles with elevated privileges caused by incorrect processing during a restore of multiple user profiles. A user with restore privileges could exploit this vulnerability to obtain elevated privileges on the restored system. IBM X-Force ID: 165592.

Ссылки

EPSS

Процентиль: 12%

0.0004

Низкий

6.3 Medium

CVSS3

CVE ID

Дефекты

CWE-269

Связанные уязвимости

CVE-2019-4536

CVSS3: 6.3

nvd

больше 6 лет назад

IBM i 7.4 users who have done a Restore User Profile (RSTUSRPRF) on a system which has been configured with Db2 Mirror for i might have user profiles with elevated privileges caused by incorrect processing during a restore of multiple user profiles. A user with restore privileges could exploit this vulnerability to obtain elevated privileges on the restored system. IBM X-Force ID: 165592.

EPSS

Процентиль: 12%

0.0004

Низкий

6.3 Medium

CVSS3

CVE ID

Дефекты

CWE-269