Privilege escalation in IBM DB2 - CVE-2018-1780
Published: November 12, 2018 / Updated: November 16, 2018
IBM DB2
Detailed vulnerability description
The vulnerability allows a local attacker to gain elevated privileges on the target system.
The vulnerability exists due to improper privileges and access controls. A a local db2 instance owner can exploit a symbolic link attack to read/write/corrupt a file that he originally did not have permission to access and obtain root access to the system.