What is CVE-2016-0226?

CVE-2016-0226 is a high-severity vulnerability in Ibm Informix_dynamic_server, classified under Improper Access Control. CVSS score: 7.8/10. Published 2016-03-28.

How severe is CVE-2016-0226?

High severity. CVSS v3 base score is 7.8 out of 10.

Vulnerability in Ibm Informix_dynamic_server

CVE-2016-0226

The client implementation in IBM Informix Dynamic Server 11.70.xCn on Windows does not properly restrict access to the (1) nsrd, (2) nsrexecd, and (3) portmap executable files, which allows local users to gain privileges via a Trojan horse…

EPSS: 0.000 (11.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.8 (High). Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H.

Affected products

Ibm Informix_dynamic_server — versions 11.70.xcn
Microsoft Windows
N/a — versions n/a

Weakness classification (CWE)

CWE-284 — Improper Access Control

References

psirt@us.ibm.com (x_refsource_MISC)
psirt@us.ibm.com (x_refsource_MISC)
psirt@us.ibm.com (x_refsource_CONFIRM, Patch, Vendor Advisory)
1035286 (vdb-entry, x_refsource_SECTRACK)
psirt@us.ibm.com (x_refsource_MISC)

Frequently asked questions

What is CVE-2016-0226?: CVE-2016-0226 is a high-severity vulnerability in Ibm Informix_dynamic_server, classified under Improper Access Control. CVSS score: 7.8/10. Published 2016-03-28.
How severe is CVE-2016-0226?: High severity. CVSS v3 base score is 7.8 out of 10.