PT-2019-9298 · Ibm · Ibm Informix Dynamic Server Enterprise Edition
Published
2019-08-20
·
Updated
2023-02-24
·
CVE-2018-1634
CVSS v2.0
7.2
High
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
IBM Informix Dynamic Server Enterprise Edition version 12.1
Description
A symbolic link vulnerability exists in
infos.DBSERVERNAME, which could allow a local user logged in with database administrator privileges to gain root privileges.Recommendations
For IBM Informix Dynamic Server Enterprise Edition version 12.1, consider restricting access to the
infos.DBSERVERNAME to minimize the risk of exploitation until a patch is available.Fix
Link Following
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Informix Dynamic Server Enterprise Edition