CVE-2018-1631

CWE-596 documents5 sources
Severity
6.7MEDIUM
EPSS
0.1%
top 81.87%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM Informix Dynamic Server Enterprise EditionIBM Informix Dynamic Server
Timeline
PublishedAug 20
Latest updateMay 24

Description

IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root privileges through a symbolic link vulnerability in oninit mongohash. IBM X-Force ID: 144431.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9

Affected Packages2 packages

🔴Vulnerability Details

2
GHSA
GHSA-329c-jrv3-6h96: IBM Informix Dynamic Server Enterprise Edition 122022-05-24
CVEList
CVE-2018-1631: IBM Informix Dynamic Server Enterprise Edition 122019-08-20

📋Vendor Advisories

2
Apache
Apache tika: CVE-2018-7489
Apache
Apache tika: CVE-2018-19362

💬Community

1
Bugzilla
CVE-2018-7263 libmad: Double-free in the mad_decoder_run() function2018-02-21
CVE-2018-1631 (MEDIUM CVSS 6.7) | IBM Informix Dynamic Server Enterpr | cvebase.io