CVE-2007-1228Improper Authentication in IBM DB2

CWE-287Improper Authentication5 documents4 sources
Severity
4.4MEDIUMNVD
EPSS
0.1%
top 81.52%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM DB2
Timeline
PublishedMar 2
Latest updateMay 1

Description

IBM DB2 UDB 8.2 before Fixpak 7 (aka fixpack 14), and DB2 9 before Fix Pack 2, on UNIX allows the "fenced" user to access certain unauthorized directories.

CVSS vector

AV:L/AC:M/C:C/I:N/A:NExploitability: 2.7 | Impact: 6.9

Affected Packages1 packages

NVDibm/db28.2, 9.0+1

🔴Vulnerability Details

2
GHSA
GHSA-p4rx-rcv8-8m8x: IBM DB2 UDB 82022-05-01
CVEList
CVE-2007-1228: IBM DB2 UDB 82007-03-02

💥Exploits & PoCs

2
Exploit-DB
Apple Mac OSX xnu 1228.0 - 'super_blob' Local kernel Denial of Service (PoC)2007-12-12
Exploit-DB
Apple Mac OSX xnu 1228.0 - 'mach-o' Local Kernel Denial of Service (PoC)2007-12-04
CVE-2007-1228 — Improper Authentication in IBM DB2 | cvebase