Vulnerability Description
Caché Database 5.x installs /cachesys/bin/cache with world-writable permissions, which allows local users to gain privileges by modifying cache and executing it via cuxs.
CVSS Score
7.2
HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Intersystems | Cache Database | 5 |
Related Weaknesses (CWE)
References
- http://www.verisigninc.com/en_US/products-and-services/network-intelligence-avai
- https://www.intersystems.com/support-learning/support/product-news-alerts/suppor
- http://www.verisigninc.com/en_US/products-and-services/network-intelligence-avai
- https://www.intersystems.com/support-learning/support/product-news-alerts/suppor
FAQ
What is CVE-2003-0497?
CVE-2003-0497 is a vulnerability with a CVSS score of 7.2 (HIGH). Caché Database 5.x installs /cachesys/bin/cache with world-writable permissions, which allows local users to gain privileges by modifying cache and executing it via cuxs.
How severe is CVE-2003-0497?
CVE-2003-0497 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2003-0497?
Check the references section above for vendor advisories and patch information. Affected products include: Intersystems Cache Database.