CVE-2018-1796

moderate-risk

Published 2019-08-20

IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user to load malicious libraries and gain root privileges. IBM X-Force ID: 149426.

Do I need to act?

-

0.04% chance of exploitation

EPSS score — low exploit probability

-

Not on CISA KEV list

No confirmed active exploitation reported to CISA

?

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

7

CVSS 7.8/10 High

LOCAL / LOW complexity

Affected Products (12)

Informix Dynamic Server

Informix Dynamic Server

Informix Dynamic Server

Informix Dynamic Server

Informix Dynamic Server

Informix Dynamic Server

Informix Dynamic Server

Informix Dynamic Server

Informix Dynamic Server

Informix Dynamic Server

Informix Dynamic Server

Informix Dynamic Server

Affected Vendors

Ibm

References (4)

Vendor Advisory http://www.ibm.com/support/docview.wss?uid=ibm10964987

VDB Entry https://exchange.xforce.ibmcloud.com/vulnerabilities/149426

Vendor Advisory http://www.ibm.com/support/docview.wss?uid=ibm10964987

VDB Entry https://exchange.xforce.ibmcloud.com/vulnerabilities/149426

41

/ 100

moderate-risk

Severity 24/34 · High

Exploitability 0/34 · Minimal

Exposure 17/34 · Moderate