CVE-2020-4885

medium

Description

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow a local user to access and change the configuration of Db2 due to a race condition of a symbolic link,. IBM X-Force ID: 190909.

References

https://www.ibm.com/support/pages/node/6466363

https://security.netapp.com/advisory/ntap-20210720-0006/

https://exchange.xforce.ibmcloud.com/vulnerabilities/190909

Details

Source: Mitre, NVD

Published: 2021-06-24

Updated: 2021-09-20

Risk Information

CVSS v2

Base Score: 1.9

Vector: CVSS2#AV:L/AC:M/Au:N/C:N/I:P/A:N

Severity: Low

CVSS v3

Base Score: 4.7

Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N

Severity: Medium