Ingres 2.5 and 2.6 on Windows, as used in multiple CA products and possibly other products, assigns the privileges and identity of users to be the same as the first user, which allows remote attackers to gain privileges.
CVSS Score
5.0
EPSS Score
0.008
Published
2007-12-20