4
CVE-2006-7216
- EPSS 2.18%
- Veröffentlicht 05.07.2007 20:30:00
- Zuletzt bearbeitet 16.06.2026 22:34:35
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Apache Derby before 10.2.1.6 does not determine privilege requirements for lock table statements at compilation time, and consequently does not enforce privilege requirements at execution time, which allows remote authenticated users to lock arbitrary tables.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.18% | 0.8 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4 | 8 | 2.9 |
AV:N/AC:L/Au:S/C:N/I:N/A:P
|
http://db.apache.org/derby/releases/release-10.2.1.6.html
http://issues.apache.org/jira/browse/DERBY-1708