- Home
- CVEs with nessus.description==The version of Firebird on the remote host sets the 'ISC_PASSWORD' environment variable before starting the database server and uses that for remote client connections when a password is not supplied. An attacker can leverage this issue to connect as 'SYSDBA' with an empty password and gain access to any database on the affected host except for 'security2.fdb', which holds the database user credentials.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top