Privilege Escalation Vulnerability in IBM Informix Dynamic Server on Windows
CVE-2016-0226
7.8HIGH
Summary
The client implementation in IBM Informix Dynamic Server 11.70.xCn for Windows fails to properly restrict access to critical executable files such as nsrd, nsrexecd, and portmap. This security lapse allows local users to manipulate these files, leading to potential privilege escalation through the introduction of a Trojan horse file. Ensuring that access controls and permissions are correctly configured is essential to mitigate this risk.
References
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved