CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
83.4%
Ingres 2.5 and 2.6 on Windows, as used in multiple CA products and possibly other products, assigns the privileges and identity of users to be the same as the first user, which allows remote attackers to gain privileges.
secunia.com/advisories/28183
secunia.com/advisories/28187
supportconnectw.ca.com/public/ingres/infodocs/ingresmswin-secnot.asp
www.ingres.com/support/security-alertDec17.php
www.osvdb.org/39358
www.securityfocus.com/archive/1/485448/100/0/threaded
www.securityfocus.com/bid/26959
www.securitytracker.com/id?1019134
www.vupen.com/english/advisories/2007/4303
www.vupen.com/english/advisories/2007/4304