Privilege Escalation Vulnerability in Apache Derby by Apache
CVE-2006-7216

Currently unrated

Key Information:

Vendor: Apache
Status: Derby
Vendor: CVE Published:; 5 July 2007

Summary

Apache Derby prior to version 10.2.1.6 fails to enforce privilege checks on lock table statements at both compilation and execution time. This oversight allows remote authenticated users to lock tables without proper authorization, potentially leading to data manipulation or service disruption. Addressing this vulnerability is crucial to maintain database integrity and security.

References

http://issues.apache.org/jira/browse/DERBY-1708

x_refsource_CONFIRM

http://db.apache.org/derby/releases/release-10.2.1.6.html

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jul 5, 2007