Primary

Context

IBM Informix Dynamic Server Passwordless Login Vulnerability in Version 14.10 on Windows

Vulnerability

Patched

A vulnerability in IBM Informix Dynamic Server 14.10 on Windows allows local users to log into the Informix server as an administrator without a password. This issue arises because the database access tool, DB-Access, permits users to connect as another user without authentication, bypassing the intended password requirement.

Impact

Exploitation of this vulnerability could lead to unauthorized access to the Informix server with administrative privileges.

Remediation

Users can update to IBM Informix Dynamic Server 14.10.xC11W1. The update is available through IBM Fix Central. Follow the instructions for database server upgrades in the Informix Servers documentation.

Added: Dec 2, 2025, 3:50 AM

Updated: Dec 2, 2025, 3:50 AM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

5.0

exploitability

3.5

remediation

7.7

relevance

1.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

5.0

exploitability

3.5

remediation

7.7

relevance

1.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

IBM Informix Dynamic Server Passwordless Login Vulnerability in Version 14.10 on Windows

Vulnerability

Impact

Remediation

Affected Products

IBM Informix Dynamic Server

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating