CVE-2019-4536

Summary

IBM i 7.4 users who have done a Restore User Profile (RSTUSRPRF) on a system which has been configured with Db2 Mirror for i might have user profiles with elevated privileges caused by incorrect processing during a restore of multiple user profiles. A user with restore privileges could exploit this vulnerability to obtain elevated privileges on the restored system. IBM X-Force ID: 165592.

Affected Software

VendorProductVersion RangeStatus
IBMi7.4affected

Weaknesses

  • Gain Privileges

ADP Enrichment

CVE Program Container

Additional References

References