{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-3623", "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "state": "PUBLISHED", "assignerShortName": "ibm", "dateReserved": "2026-03-06T02:10:23.503Z", "datePublished": "2026-05-27T12:45:44.839Z", "dateUpdated": "2026-05-27T14:43:08.988Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm", "dateUpdated": "2026-05-27T12:45:44.839Z"}, "title": "Vulnerabilities exists in IBM Netezza Performance Server Replication Services", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-250", "description": "CWE-250 Execution with Unnecessary Privileges", "type": "CWE"}]}], "affected": [{"vendor": "IBM", "product": "Netezza Performance Server Replication Services", "versions": [{"status": "affected", "version": "3.0.2.0", "lessThanOrEqual": "3.0.5.0", "versionType": "semver"}], "cpes": ["cpe:2.3:a:ibm:netezza_performance_server_replication_services:3.0.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:netezza_performance_server_replication_services:3.0.5.0:*:*:*:*:*:*:*"]}], "descriptions": [{"lang": "en", "value": "IBM Netezza Performance Server Replication Services 3.0.2.0 through 3.0.5.0 allows an attacker with low\u2011privileged access to escalate their privileges to root. By exploiting this flaw, the attacker can execute root\u2011level commands, obtain a root shell, and change the root user\u2019s password. Successful exploitation also enables modification or removal of system\u2011wide files and the installation of persistent backdoors. This results in full system compromise with complete loss of confidentiality, integrity, and availability.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>IBM Netezza Performance Server Replication Services 3.0.2.0 through 3.0.5.0 allows an attacker with low\u2011privileged access to escalate their privileges to root. By exploiting this flaw, the attacker can execute root\u2011level commands, obtain a root shell, and change the root user\u2019s password. Successful exploitation also enables modification or removal of system\u2011wide files and the installation of persistent backdoors. This results in full system compromise with complete loss of confidentiality, integrity, and availability.</p>"}]}], "references": [{"url": "https://www.ibm.com/support/pages/node/7272148", "tags": ["vendor-advisory", "patch"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseSeverity": "HIGH", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}}], "solutions": [{"lang": "en", "value": "Fixed VersionFix LinkIBM Netezza Performance Server Replication Services 3.0.5.1 Fix Central Link https://www.ibm.com/support/fixcentral/swg/selectFixes", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<div><table><colgroup><col/><col/></colgroup><tbody><tr><td>Fixed Version</td><td>Fix Link</td></tr><tr><td>IBM Netezza Performance Server Replication Services 3.0.5.1</td><td><a href=\"https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FWebSphere%2FIBM+Cloud+Private+for+Data+System&amp;fixids=3.0.5.1-WS-ICPDS-NRS-fp369&amp;source=SAR&amp;function=fixId&amp;parent=ibm/WebSphere\" rel=\"noopener noreferrer nofollow\">Fix Central Link</a></td></tr></tbody></table></div>"}]}], "x_generator": {"engine": "ibm-cvegen"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-05-27T14:41:32.910420Z", "id": "CVE-2026-3623", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-05-27T14:43:08.988Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-3623", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-05-27T14:41:32.910420Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-05-27T14:43:04.796Z"}}], "cna": {"title": "Vulnerabilities exists in IBM Netezza Performance Server Replication Services", "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"cpes": ["cpe:2.3:a:ibm:netezza_performance_server_replication_services:3.0.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:netezza_performance_server_replication_services:3.0.5.0:*:*:*:*:*:*:*"], "vendor": "IBM", "product": "Netezza Performance Server Replication Services", "versions": [{"status": "affected", "version": "3.0.2.0", "versionType": "semver", "lessThanOrEqual": "3.0.5.0"}]}], "solutions": [{"lang": "en", "value": "Fixed VersionFix LinkIBM Netezza Performance Server Replication Services 3.0.5.1 Fix Central Link https://www.ibm.com/support/fixcentral/swg/selectFixes", "supportingMedia": [{"type": "text/html", "value": "<div><table><colgroup><col/><col/></colgroup><tbody><tr><td>Fixed Version</td><td>Fix Link</td></tr><tr><td>IBM Netezza Performance Server Replication Services 3.0.5.1</td><td><a href=\"https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FWebSphere%2FIBM+Cloud+Private+for+Data+System&amp;fixids=3.0.5.1-WS-ICPDS-NRS-fp369&amp;source=SAR&amp;function=fixId&amp;parent=ibm/WebSphere\" rel=\"noopener noreferrer nofollow\">Fix Central Link</a></td></tr></tbody></table></div>", "base64": false}]}], "references": [{"url": "https://www.ibm.com/support/pages/node/7272148", "tags": ["vendor-advisory", "patch"]}], "x_generator": {"engine": "ibm-cvegen"}, "descriptions": [{"lang": "en", "value": "IBM Netezza Performance Server Replication Services 3.0.2.0 through 3.0.5.0 allows an attacker with low\u2011privileged access to escalate their privileges to root. By exploiting this flaw, the attacker can execute root\u2011level commands, obtain a root shell, and change the root user\u2019s password. Successful exploitation also enables modification or removal of system\u2011wide files and the installation of persistent backdoors. This results in full system compromise with complete loss of confidentiality, integrity, and availability.", "supportingMedia": [{"type": "text/html", "value": "<p>IBM Netezza Performance Server Replication Services 3.0.2.0 through 3.0.5.0 allows an attacker with low\u2011privileged access to escalate their privileges to root. By exploiting this flaw, the attacker can execute root\u2011level commands, obtain a root shell, and change the root user\u2019s password. Successful exploitation also enables modification or removal of system\u2011wide files and the installation of persistent backdoors. This results in full system compromise with complete loss of confidentiality, integrity, and availability.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-250", "description": "CWE-250 Execution with Unnecessary Privileges"}]}], "providerMetadata": {"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm", "dateUpdated": "2026-05-27T12:45:44.839Z"}}}, "cveMetadata": {"cveId": "CVE-2026-3623", "state": "PUBLISHED", "dateUpdated": "2026-05-27T14:43:08.988Z", "dateReserved": "2026-03-06T02:10:23.503Z", "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "datePublished": "2026-05-27T12:45:44.839Z", "assignerShortName": "ibm"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "IBM Netezza Performance Server Replication Services 3.0.2.0 through 3.0.5.0 allows an attacker with low\u2011privileged access to escalate their privileges to root. By exploiting this flaw, the attacker can execute root\u2011level commands, obtain a root shell, and change the root user\u2019s password. Successful exploitation also enables modification or removal of system\u2011wide files and the installation of persistent backdoors. This results in full system compromise with complete loss of confidentiality, integrity, and availability."}], "id": "CVE-2026-3623", "lastModified": "2026-05-27T14:53:51.833", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "psirt@us.ibm.com", "type": "Primary"}]}, "published": "2026-05-27T14:16:47.000", "references": [{"source": "psirt@us.ibm.com", "url": "https://www.ibm.com/support/pages/node/7272148"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-250"}], "source": "psirt@us.ibm.com", "type": "Primary"}]}

{}

{"created": "2026-05-27T15:45:37.266328+00:00", "updated": "2026-05-27T15:45:37.266341+00:00", "vendors": []}