CVE-2017-1508
medium
CVSS v3
6.7
CVSS v2
6.8
VIR risk
6.7
Description
IBM Informix Dynamic Server 12.1 could allow a local user logged in with database administrator user to gain root privileges. IBM X-Force ID: 129620.
Predictions
Exploit likelihood
66%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: psirt@us.ibm.com — https://exchange.xforce.ibmcloud.com/vulnerabilities/129620
Vendor advisory: psirt@us.ibm.com — http://www.ibm.com/support/docview.wss?uid=swg22006872
OS impact
| OS | Version | Status | Fixed in |
|---|---|---|---|
| linux-kernel | - | not-affected | |
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| ibm | informix_dynamic_server | 12.10 | |
References
- http://www.ibm.com/support/docview.wss?uid=swg22006872
- http://www.securityfocus.com/bid/100820
- https://exchange.xforce.ibmcloud.com/vulnerabilities/129620
- http://www.ibm.com/support/docview.wss?uid=swg22006872
- http://www.securityfocus.com/bid/100820
- https://exchange.xforce.ibmcloud.com/vulnerabilities/129620
Verify integrity in audit chain (admin only). AS-IS.