Security bypass vulnerability in IBM DB2 (Linux)ID: oval:org.secpod.oval:def:2281 | Date: (C)2011-09-23 (M)2022-10-10 |
Class: VULNERABILITY | Family: unix |
The host is installed with IBM DB2 9.1 before FP10 or 9.5 before FP6a or 9.7 before FP2 and is prone to security bypass vulnerability. A flaw is present in the application, which is caused due to an error in the application while revoking "DBADM" privileges which can lead to users still being able to execute non-DDL statements. Successful exploitation allows remote attackers to bypass certain security restrictions.