ID CVE-2012-1796
Summary Unspecified vulnerability in IBM Tivoli Monitoring Agent (ITMA), as used in IBM DB2 9.5 before FP9 on UNIX, allows local users to gain privileges via unknown vectors.
References
Vulnerable Configurations
  • cpe:2.3:a:ibm:db2:9.5:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:db2:9.5:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:db2:9.5:fp1:*:*:*:*:*:*
    cpe:2.3:a:ibm:db2:9.5:fp1:*:*:*:*:*:*
  • cpe:2.3:a:ibm:db2:9.5:fp2:*:*:*:*:*:*
    cpe:2.3:a:ibm:db2:9.5:fp2:*:*:*:*:*:*
  • cpe:2.3:a:ibm:db2:9.5:fp2a:*:*:*:*:*:*
    cpe:2.3:a:ibm:db2:9.5:fp2a:*:*:*:*:*:*
  • cpe:2.3:a:ibm:db2:9.5:fp3:*:*:*:*:*:*
    cpe:2.3:a:ibm:db2:9.5:fp3:*:*:*:*:*:*
  • cpe:2.3:a:ibm:db2:9.5:fp3a:*:*:*:*:*:*
    cpe:2.3:a:ibm:db2:9.5:fp3a:*:*:*:*:*:*
  • cpe:2.3:a:ibm:db2:9.5:fp3b:*:*:*:*:*:*
    cpe:2.3:a:ibm:db2:9.5:fp3b:*:*:*:*:*:*
  • cpe:2.3:a:ibm:db2:9.5:fp4:*:*:*:*:*:*
    cpe:2.3:a:ibm:db2:9.5:fp4:*:*:*:*:*:*
  • cpe:2.3:a:ibm:db2:9.5:fp4a:*:*:*:*:*:*
    cpe:2.3:a:ibm:db2:9.5:fp4a:*:*:*:*:*:*
  • cpe:2.3:a:ibm:db2:9.5:fp5:*:*:*:*:*:*
    cpe:2.3:a:ibm:db2:9.5:fp5:*:*:*:*:*:*
  • cpe:2.3:a:ibm:db2:9.5:fp6:*:*:*:*:*:*
    cpe:2.3:a:ibm:db2:9.5:fp6:*:*:*:*:*:*
  • cpe:2.3:a:ibm:db2:9.5:fp6a:*:*:*:*:*:*
    cpe:2.3:a:ibm:db2:9.5:fp6a:*:*:*:*:*:*
  • cpe:2.3:a:ibm:db2:9.5:fp7:*:*:*:*:*:*
    cpe:2.3:a:ibm:db2:9.5:fp7:*:*:*:*:*:*
  • cpe:2.3:a:ibm:db2:9.5:fp8:*:*:*:*:*:*
    cpe:2.3:a:ibm:db2:9.5:fp8:*:*:*:*:*:*
  • cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*
    cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*
  • cpe:2.3:o:ibm:aix:*:*:*:*:*:*:*:*
    cpe:2.3:o:ibm:aix:*:*:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  • cpe:2.3:o:sun:sunos:*:*:*:*:*:*:*:*
    cpe:2.3:o:sun:sunos:*:*:*:*:*:*:*:*
CVSS
Base: 7.2 (as of 10-01-2018 - 02:29)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:C/A:C
oval via4
accepted 2012-05-07T04:00:11.756-04:00
class vulnerability
contributors
  • name Scott Quint
    organization DTCC
  • name Maria Kedovskaya
    organization ALTX-SOFT
  • name Maria Mikhno
    organization ALTX-SOFT
definition_extensions
comment IBM DB2 UDB is installed
oval oval:org.mitre.oval:def:12505
description Unspecified vulnerability in IBM Tivoli Monitoring Agent (ITMA), as used in IBM DB2 9.5 before FP9 on UNIX, allows local users to gain privileges via unknown vectors.
family windows
id oval:org.mitre.oval:def:14526
status deprecated
submitted 2012-03-26T11:21:44.000-05:00
title DEPRECATED: Unspecified vulnerability in IBM Tivoli Monitoring Agent (ITMA), as used in IBM DB2 9.5 before FP9 on UNIX, allows local users to gain privileges via unknown vectors.
version 6
refmap via4
aixapar IC79970
confirm http://www-01.ibm.com/support/docview.wss?uid=swg21586193
xf db2-itma-priv-esc(74325)
Last major update 10-01-2018 - 02:29
Published 20-03-2012 - 20:55
Back to Top