| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 7.3 | $0-$5k | 0.00 |
Summary
A vulnerability marked as problematic has been reported in IBM DB2. This affects an unknown function of the component Local Account Handler. Performing a manipulation results in untrusted search path. This vulnerability is known as CVE-2014-0907. No exploit is available. To fix this issue, it is recommended to deploy a patch.
Details
A vulnerability, which was classified as critical, was found in IBM DB2 (Database Software). This affects an unknown code of the component Local Account Handler. The manipulation with an unknown input leads to a untrusted search path vulnerability. CWE is classifying the issue as CWE-426. The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control. This is going to have an impact on confidentiality, integrity, and availability. The summary by CVE is:
Multiple untrusted search path vulnerabilities in unspecified (1) setuid and (2) setgid programs in IBM DB2 9.5, 9.7 before FP9a, 9.8, 10.1 before FP3a, and 10.5 before FP3a on Linux and UNIX allow local users to gain root privileges via a Trojan horse library.
The weakness was published 05/26/2014 by Tim Brown (Portcullis) with Portcullis Computer Security Ltd. as swg21672100 / Reference 1672100 as confirmed advisory (Website). It is possible to read the advisory at www-01.ibm.com. The public release has been coordinated with IBM. This vulnerability is uniquely identified as CVE-2014-0907 since 01/06/2014. Attacking locally is a requirement. No form of authentication is needed for exploitation. The technical details are unknown and an exploit is not publicly available. The attack technique deployed by this issue is T1574 according to MITRE ATT&CK.
The vulnerability was handled as a non-public zero-day exploit for at least 89 days. During that time the estimated underground price was around $5k-$25k. The vulnerability scanner Nessus provides a plugin with the ID 76110 (IBM DB2 10.1 < Fix Pack 3a Multiple Vulnerabilities), which helps to determine the existence of the flaw in a target environment. It is assigned to the family Databases. The commercial vulnerability scanner Qualys is able to test this issue with plugin 19986 (IBM DB2 Multiple Vulnerabilities (swg21633303)).
Applying a patch is able to eliminate this problem. A possible mitigation has been published immediately after the disclosure of the vulnerability.
The vulnerability is also documented in the databases at X-Force (91869), Tenable (76110), SecurityFocus (BID 67617†), Secunia (SA58519†) and Vulnerability Center (SBV-45546†). Further details are available at seclists.org. Similar entries are available at VDB-13393, VDB-13392, VDB-13394 and VDB-68134. Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Product
Type
Vendor
Name
Version
- 9.5
- 9.7
- 9.7.0.1
- 9.7.0.2
- 9.7.0.3
- 9.7.0.4
- 9.7.0.5
- 9.7.0.6
- 9.7.0.7
- 9.7.0.8
- 9.7.0.9
- 10.1
- 10.1.0.1
- 10.1.0.2
- 10.1.0.3
- 10.5
- 10.5.0.1
- 10.5.0.2
License
Website
- Vendor: https://www.ibm.com/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 8.4VulDB Meta Temp Score: 7.3
VulDB Base Score: 8.4
VulDB Temp Score: 7.3
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Untrusted search pathCWE: CWE-426
CAPEC: 🔍
ATT&CK: 🔍
Physical: Partially
Local: Yes
Remote: No
Availability: 🔍
Status: Unproven
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 76110
Nessus Name: IBM DB2 10.1 < Fix Pack 3a Multiple Vulnerabilities
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
Qualys ID: 🔍
Qualys Name: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: PatchStatus: 🔍
Reaction Time: 🔍
0-Day Time: 🔍
Exposure Time: 🔍
Timeline
01/06/2014 🔍02/26/2014 🔍
03/13/2014 🔍
05/26/2014 🔍
05/26/2014 🔍
05/26/2014 🔍
05/26/2014 🔍
05/27/2014 🔍
05/29/2014 🔍
05/30/2014 🔍
07/21/2014 🔍
06/20/2021 🔍
Sources
Vendor: ibm.comAdvisory: swg21672100 / Reference 1672100
Researcher: Tim Brown (Portcullis)
Organization: Portcullis Computer Security Ltd.
Status: Confirmed
Confirmation: 🔍
Coordinated: 🔍
CVE: CVE-2014-0907 (🔍)
GCVE (CVE): GCVE-0-2014-0907
GCVE (VulDB): GCVE-100-13395
X-Force: 91869 - Local escalation of privilege vulnerability in IBM DB2, Medium Risk
SecurityFocus: 67617 - Multiple IBM DB2 Products CVE-2014-0907 Local Privilege Escalation Vulnerability
Secunia: 58519 - IBM DB2 / DB2 Connect Multiple Vulnerabilities, Less Critical
SecurityTracker: 1030670
Vulnerability Center: 45546 - IBM DB2 on Linux and Unix Local Security Bypass via a Trojan horse library, Medium
Misc.: 🔍
See also: 🔍
Entry
Created: 05/29/2014 22:19Updated: 06/20/2021 13:58
Changes: 05/29/2014 22:19 (80), 06/02/2017 08:06 (8), 06/20/2021 13:53 (3), 06/20/2021 13:58 (1)
Complete: 🔍
Cache ID: 216:5E6:103
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
No comments yet. Languages: en.
Please log in to comment.