Описание
IBM Db2 Mirror for i 7.4, 7.5, and 7.6 does not disallow the session id after use which could allow an authenticated user to impersonate another user on the system.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ibm:db2_mirror_for_i:7.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:db2_mirror_for_i:7.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:db2_mirror_for_i:7.6:*:*:*:*:*:*:*
EPSS
Процентиль: 10%
0.00034
Низкий
6.3 Medium
CVSS3
Дефекты
CWE-384
Связанные уязвимости
CVSS3: 6.3
github
7 месяцев назад
IBM Db2 Mirror for i 7.4, 7.5, and 7.6 does not disallow the session id after use which could allow an authenticated user to impersonate another user on the system.
EPSS
Процентиль: 10%
0.00034
Низкий
6.3 Medium
CVSS3
Дефекты
CWE-384