CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
5.1%
db2dasrrm in the DB2 Administration Server (DAS) in IBM DB2 Universal Database 9.5 before Fix Pack 1, 9.1 before Fix Pack 4a, and 8 before FixPak 16 allows local users to overwrite arbitrary files via a symlink attack on files used for initialization.
Vendor | Product | Version | CPE |
---|---|---|---|
ibm | db2_universal_database | 8 | cpe:2.3:a:ibm:db2_universal_database:8:*:*:*:*:*:*:* |
ibm | db2_universal_database | 9.1 | cpe:2.3:a:ibm:db2_universal_database:9.1:*:*:*:*:*:*:* |
ibm | db2_universal_database | 9.5 | cpe:2.3:a:ibm:db2_universal_database:9.5:*:*:*:*:*:*:* |