CVE-2025-36117

MEDIUM

6.3

Descripcion

IBM Db2 Mirror for i 7.4, 7.5, and 7.6 does not disallow the session id after use which could allow an authenticated user to impersonate another user on the system.

Detalles CVE

Puntuacion CVSS v3.16.3

SeveridadMEDIUM

Vector CVSSCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Vector de ataqueNETWORK

ComplejidadLOW

Privilegios requeridosLOW

Interaccion usuarioNONE

Publicado7/23/2025

Ultima modificacion8/7/2025

Fuentenvd

Avistamientos honeypot0

Productos afectados

ibm:db2_mirror_for_i

Debilidades (CWE)

CWE-384

Referencias

https://www.ibm.com/support/pages/node/7240351(psirt@us.ibm.com)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.