Viesturs

**Name of the Vulnerable Software and Affected Versions** Firebird versions prior to 2.0.3.12981.0-r6 **Description** The default configuration of Firebird sets the ISC PASSWORD environment variable before starting Firebird, allowing remote attackers to bypass SYSDBA authentication and obtain sensitive database information via an empty password. **Recommendations** For versions prior to 2.0.3.12981.0-r6, update to version 2.0.3.12981.0-r6 or later to resolve the issue. As a temporary workaround, consider removing the ISC PASSWORD environment variable to prevent attackers from bypassing SYSDBA authentication.