PT-2019-9296 · Ibm · Ibm Informix Dynamic Server Enterprise Edition
Published
2019-08-20
·
Updated
2023-02-24
·
CVE-2018-1632
CVSS v2.0
7.2
High
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
IBM Informix Dynamic Server Enterprise Edition version 12.1
Description
A symbolic link vulnerability in .infxdirs could allow a local user logged in with database administrator privileges to gain root privileges.
Recommendations
For IBM Informix Dynamic Server Enterprise Edition version 12.1, consider restricting access to the .infxdirs directory to prevent exploitation of the symbolic link vulnerability until a patch is available.
Fix
Link Following
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Informix Dynamic Server Enterprise Edition