Описание
Ingres 2.5 and 2.6 on Windows, as used in multiple CA products and possibly other products, assigns the privileges and identity of users to be the same as the first user, which allows remote attackers to gain privileges.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
- Patch
- PatchVendor Advisory
- PatchVendor Advisory
- Patch
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:microsoft:windows_nt:*:*:*:*:*:*:*:*
Одно из
cpe:2.3:a:ingres:ingres:2.5:*:*:*:*:*:*:*
cpe:2.3:a:ingres:ingres:2.6:*:*:*:*:*:*:*
EPSS
Процентиль: 75%
0.00872
Низкий
5 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
почти 4 года назад
Ingres 2.5 and 2.6 on Windows, as used in multiple CA products and possibly other products, assigns the privileges and identity of users to be the same as the first user, which allows remote attackers to gain privileges.
EPSS
Процентиль: 75%
0.00872
Низкий
5 Medium
CVSS2
Дефекты
CWE-264