Lucene search
HistoryOct 03, 2022 - 4:21 p.m.
CVE-2006-7216
apache derby
privilege requirements
lock table
nvd
cve-2006-7216
6.6 Medium
AI Score
Confidence
Low
4 Medium
CVSS2
Access Vector
Access Complexity
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
32.9%
Apache Derby before 10.2.1.6 does not determine privilege requirements for lock table statements at compilation time, and consequently does not enforce privilege requirements at execution time, which allows remote authenticated users to lock arbitrary tables.
Affected configurations
Node
apachederbyMatch10.1.1.0
ORapachederbyMatch10.1.2.1
ORapachederbyMatch10.1.3.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| apache:derby | apache derby | eq | 10.1.1.0 |
| apache:derby | apache derby | eq | 10.1.2.1 |
| apache:derby | apache derby | eq | 10.1.3.1 |
Related
veracode
veracode
Denial Of Service (DoS)
2018-11-13 06:05:03
nvd
nvd
CVE-2006-7216
2007-07-05 20:30:00
debiancve
debiancve
CVE-2006-7216
2022-10-03 16:21:25
cvelist
cvelist
CVE-2006-7216
2022-10-03 16:21:25
6.6 Medium
AI Score
Confidence
Low
4 Medium
CVSS2
Access Vector
Access Complexity
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
32.9%
Related for CVE-2006-7216