6.5
CVE-2011-1846
- EPSS 2.29%
- Veröffentlicht 03.05.2011 20:55:12
- Zuletzt bearbeitet 16.06.2026 23:30:14
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows does not properly revoke role membership from groups, which allows remote authenticated users to execute non-DDL statements by leveraging previous inherited possession of a role, a different vulnerability than CVE-2011-0757. NOTE: some of these details are obtained from third party information.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.29% | 0.81 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 8 | 6.4 |
AV:N/AC:L/Au:S/C:P/I:P/A:P
|
http://secunia.com/advisories/44229
http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC71263
http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC71375
http://www-01.ibm.com/support/docview.wss?uid=swg1IC71263
http://www-01.ibm.com/support/docview.wss?uid=swg1IC71375
http://www.securityfocus.com/bid/47525
http://www.vupen.com/english/advisories/2011/1083
https://exchange.xforce.ibmcloud.com/vulnerabilities/66980
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14688