Описание
IBM Db2 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes Db2 Connect Server) under specific configurations could allow a local user to execute malicious code that escalate their privileges to root due to execution of unnecessary privileges operated at a higher than minimum level.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 12.1.0 (включая) до 12.1.3 (включая)Версия от 12.1.0 (включая) до 12.1.3 (включая)Версия от 12.1.0 (включая) до 12.1.3 (включая)
Одно из
cpe:2.3:a:ibm:db2:*:*:*:*:*:linux:*:*
cpe:2.3:a:ibm:db2:*:*:*:*:*:unix:*:*
cpe:2.3:a:ibm:db2:*:*:*:*:*:windows:*:*
EPSS
Процентиль: 5%
0.0002
Низкий
7.4 High
CVSS3
7.8 High
CVSS3
Дефекты
CWE-250
Связанные уязвимости
CVSS3: 7.4
github
3 месяца назад
IBM Db2 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes Db2 Connect Server) under specific configurations could allow a local user to execute malicious code that escalate their privileges to root due to execution of unnecessary privileges operated at a higher than minimum level.
EPSS
Процентиль: 5%
0.0002
Низкий
7.4 High
CVSS3
7.8 High
CVSS3
Дефекты
CWE-250