VDB
CVE-2023-47145
CVE-2023-47145
PUBLISHED
Es existiert eine Schwachstelle in IBM DB2 für Windows. Mithilfe der MSI repair Funktion können Privilegien zu SYSTEM erweitert werden. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um eine Privilegienerweiterung durchzuführen.
EPSS 0.03% · 8.1th percentile
Risk Scores
EPSS Score
0.03%
8.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| IBM | IBM Security Guardium Key Lifecycle Manager 4.1.1 | |
| IBM | IBM DB2 11.5.x | |
| IBM | IBM Security Guardium Key Lifecycle Manager 4.0 | |
| IBM | IBM DB2 | |
| IBM | IBM Security Guardium Key Lifecycle Manager 3.0 | |
| IBM | IBM Security Guardium Key Lifecycle Manager 4.2.1 | |
| IBM | IBM DB2 10.5.0.x | |
| IBM | IBM DB2 11.1.4.x | |
| IBM | IBM Security Guardium Key Lifecycle Manager 4.1 | |
| IBM | IBM Security Guardium Key Lifecycle Manager 4.2 | |
| IBM | IBM Security Guardium Key Lifecycle Manager 3.0.1 |
Timeline
- Jan 7, 2024 CVE Published
- Jan 10, 2024 EPSS Score
- Feb 7, 2024 EPSS Score
- Mar 7, 2024 EPSS Score
- Apr 4, 2024 EPSS Score
- May 2, 2024 EPSS Score
- May 30, 2024 EPSS Score
- Jun 28, 2024 EPSS Score
- Jul 26, 2024 EPSS Score
- Aug 23, 2024 EPSS Score
- Sep 20, 2024 EPSS Score
- Oct 19, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0019.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0019 advisory
- https://www.ibm.com/support/pages/node/7105500 advisory
- https://www.ibm.com/support/pages/node/7118327 advisory
- https://www.ibm.com/support/pages/node/7150158 advisory