CVE-2026-3623

HIGH

Vulnerabilities exists in IBM Netezza Performance Server Replication Services

Title source: cna
STIX 2.1

Description

IBM Netezza Performance Server Replication Services 3.0.2.0 through 3.0.5.0 allows an attacker with low‑privileged access to escalate their privileges to root. By exploiting this flaw, the attacker can execute root‑level commands, obtain a root shell, and change the root user’s password. Successful exploitation also enables modification or removal of system‑wide files and the installation of persistent backdoors. This results in full system compromise with complete loss of confidentiality, integrity, and availability.

References (1)

Core 1
Core References
Vendor Advisory vendor-advisory patch
https://www.ibm.com/support/pages/node/7272148

Scores

CVSS v3 7.8
EPSS 0.0015
EPSS Percentile 4.6%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-250
Status published
Products (2)
IBM/Netezza Performance Server Replication Services 3.0.2.0 - 3.0.5.0
ibm/netezza_performance_server_replication_services 3.0.2.0 - 3.0.5.1
Published May 27, 2026
Tracked Since May 27, 2026