PT-2018-12544 · Ibm · Ibm Db2
Published
2018-03-22
·
Updated
2019-10-09
·
CVE-2018-1448
CVSS v3.1
7.7
High
| Vector | A:H/AC:L/AV:L/C:N/I:H/PR:N/S:U/UI:N |
Name of the Vulnerable Software and Affected Versions
IBM DB2 for Linux, UNIX and Windows versions 9.7, 10.1, 10.5, and 11.1
Description
The issue allows a local user to overwrite arbitrary files owned by the DB2 instance owner.
Recommendations
For versions 9.7, 10.1, 10.5, and 11.1, update to a version that contains a fix for this issue to prevent local users from overwriting arbitrary files.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Ibm Db2