Privilege escalation in IBM DB2 LUW - CVE-2017-1134
Published: May 5, 2017
Vulnerability identifier: #VU6421
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2017-1134
CWE-ID: CWE-264
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: IBM Corporation
Affected software:
IBM DB2 LUW
IBM DB2 LUW
Detailed vulnerability description
The vulnerability allows a local attacker to gain elevated privileges.
The weakness exists due to an unspecified condition that exists in the IBM Tivoli System Automation for Multiplatforms (TSAMP) component in IBM DB2 Reliable Scalable Cluster Technology. A local attacker can escalate privileges and gain root access.
Successful exploitation of the vulnerability may result in complete system compromise.
The weakness exists due to an unspecified condition that exists in the IBM Tivoli System Automation for Multiplatforms (TSAMP) component in IBM DB2 Reliable Scalable Cluster Technology. A local attacker can escalate privileges and gain root access.
Successful exploitation of the vulnerability may result in complete system compromise.
How to mitigate CVE-2017-1134
Install update from vendor's website.