Описание
IBM i 7.2, 7.3, 7.4, 7.5, and 7.6 is vulnerable to a privilege escalation caused by an invalid database authority check. A bad actor could execute a database procedure or function without having all required permissions, in addition to causing denial of service for some database actions.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:ibm:i:7.2:*:*:*:*:*:*:*
cpe:2.3:o:ibm:i:7.3:*:*:*:*:*:*:*
cpe:2.3:o:ibm:i:7.4:*:*:*:*:*:*:*
cpe:2.3:o:ibm:i:7.5:*:*:*:*:*:*:*
cpe:2.3:o:ibm:i:7.6:*:*:*:*:*:*:*
EPSS
Процентиль: 10%
0.00036
Низкий
7.5 High
CVSS3
8.8 High
CVSS3
Дефекты
CWE-250
Связанные уязвимости
CVSS3: 7.5
github
7 месяцев назад
IBM i 7.2, 7.3, 7.4, 7.5, and 7.6 is vulnerable to a privilege escalation caused by an invalid database authority check. A bad actor could execute a database procedure or function without having all required permissions, in addition to causing denial of service for some database actions.
EPSS
Процентиль: 10%
0.00036
Низкий
7.5 High
CVSS3
8.8 High
CVSS3
Дефекты
CWE-250