PT-2019-9295 · Ibm · Ibm Informix Dynamic Server Enterprise Edition
Published
2019-08-20
·
Updated
2023-02-24
·
CVE-2018-1631
CVSS v3.1
8.2
High
| Vector | I:H/PR:H/C:H/AC:L/UI:N/S:C/AV:L/A:H |
Name of the Vulnerable Software and Affected Versions
IBM Informix Dynamic Server Enterprise Edition version 12.1
Description
The issue allows a local user logged in with database administrator privileges to gain root privileges through a symbolic link vulnerability in oninit mongohash.
Recommendations
For IBM Informix Dynamic Server Enterprise Edition version 12.1, consider restricting access to the oninit mongohash functionality to minimize the risk of exploitation until a patch is available.
Fix
Link Following
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Informix Dynamic Server Enterprise Edition