← Zuruck zu CVEs
CVE-2019-4057
MEDIUM6.7
Beschreibung
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow malicious user with access to the DB2 instance account to leverage a fenced execution process to execute arbitrary code as root. IBM X-Force ID: 156567.
CVE Details
CVSS v3.1 Bewertung6.7
SchweregradMEDIUM
CVSS VektorCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
AngriffsvektorLOCAL
KomplexitatLOW
Erforderliche PrivilegienHIGH
BenutzerinteraktionNONE
Veroffentlicht7/1/2019
Zuletzt geandert11/21/2024
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
ibm:db2linux:linux_kernelmicrosoft:windows
Referenzen
https://exchange.xforce.ibmcloud.com/vulnerabilities/156567(psirt@us.ibm.com)
https://www.ibm.com/support/docview.wss?uid=ibm10880735(psirt@us.ibm.com)
https://exchange.xforce.ibmcloud.com/vulnerabilities/156567(af854a3a-2127-422b-91ae-364da2661108)
https://www.ibm.com/support/docview.wss?uid=ibm10880735(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.