CVE-2010-3738

2010-10-05T18:00:00
ID CVE-2010-3738
Type cve
Reporter cve@mitre.org
Modified 2017-09-19T01:31:00

Description

The Security component in IBM DB2 UDB 9.5 before FP6a logs AUDIT events by using a USERID and an AUTHID value corresponding to the instance owner, instead of a USERID and an AUTHID value corresponding to the logged-in user account, which makes it easier for remote authenticated users to execute Audit administration commands without discovery.