PT-2019-9297 · Ibm · Ibm Informix Dynamic Server Enterprise Edition
Published
2019-08-20
·
Updated
2023-02-24
·
CVE-2018-1633
CVSS v3.1
8.2
High
| Vector | A:H/AV:L/PR:H/C:H/I:H/AC:L/S:C/UI:N |
Name of the Vulnerable Software and Affected Versions
IBM Informix Dynamic Server Enterprise Edition version 12.1
Description
A symbolic link vulnerability in onsrvapd could allow a local user logged in with database administrator privileges to gain root privileges.
Recommendations
For IBM Informix Dynamic Server Enterprise Edition version 12.1, consider restricting access to the onsrvapd service to minimize the risk of exploitation until a patch is available.
Fix
Link Following
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Informix Dynamic Server Enterprise Edition