Back to search
CVE-2020-4885
Published: Jun 24, 2021
Modified: Sep 17, 2024
PUBLISHED
CVSS v3.0
6.2
MEDIUM
Description
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow a local user to access and change the configuration of Db2 due to a race condition of a symbolic link,. IBM X-Force ID: 190909.
| Vendor | Product | Versions |
|---|---|---|
IBM | DB2 for Linux and UNIX | affected 11.5 |
CVSS v3.0 Details
CVSS v3.0 Vector
CVSS:3.0/AV:L/PR:N/AC:L/S:U/C:N/UI:N/A:N/I:H/RC:C/E:U/RL:O
Attack Vector
Local
Privileges Required
None
Attack Complexity
Low
Scope
Unchanged
Confidentiality
None
User Interaction
None
Availability
None
Integrity
High
References
https://www.ibm.com/support/pages/node/6466363
x_refsource_CONFIRM
ibm-db2-cve20204885-sym-link (190909)
vdb-entry
x_refsource_XF
https://security.netapp.com/advisory/ntap-20210720-0006/
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now