CVE-2006-7216

Apache Derby <10.2.1.6 - Privilege Escalation

Title source: llm
STIX 2.1

Description

Apache Derby before 10.2.1.6 does not determine privilege requirements for lock table statements at compilation time, and consequently does not enforce privilege requirements at execution time, which allows remote authenticated users to lock arbitrary tables.

References (2)

Core 2
Core References

Scores

EPSS 0.0217
EPSS Percentile 80.3%

Details

Status published
Products (3)
apache/derby 10.1.1.0
apache/derby 10.1.2.1
apache/derby 10.1.3.1
Published Jul 05, 2007
Tracked Since Feb 18, 2026