CVE-2007-6334
Description
Ingres 2.5 and 2.6 on Windows, as used in multiple CA products and possibly other products, assigns the privileges and identity of users to be the same as the first user, which allows remote attackers to gain privileges.
Risk Information
Base Score
7.0
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
0.872
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Update to Computer Associates patch-2.5.0605.12291-win-x86.zip | Windows |
| Update to Computer Associates patch-2.6.0701.12467-win-x86.zip | Windows |
| Update to Computer Associates patch-2.6.0701.12473-win-x86-DBL.zip | Windows |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234