Permissions, Privileges, and Access Controls in IBM Security Guardium - CVE-2022-439210
Published: July 21, 2023
Vulnerability identifier: #VU78484
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2022-439210
CWE-ID: CWE-264
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: IBM Corporation
Affected software:
IBM Security Guardium
IBM Security Guardium
Detailed vulnerability description
The vulnerability allows a local attacker to escalate privileges on the system.
The vulnerability exists due to application does not properly impose security restrictions, which leads to security restrictions bypass and privilege escalation.
How to mitigate CVE-2022-439210
Install updates from vendor's website.