Vulnerability-Lookup - Search a vulnerability

Search criteria

Vendor

Product

Assigner

Sources

Sort by

Order

FKIE_CVE-2017-1434

Vulnerability from fkie_nvd - Published: 2017-09-12 21:29 - Updated: 2025-04-20 01:37

Severity ?

4.7 (Medium) - CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Summary

IBM DB2 for Linux, UNIX and Windows 11.1 (includes DB2 Connect Server) under unusual circumstances, could expose highly sensitive information in the error log to a local user.

References

URL	Tags
psirt@us.ibm.com	http://www.ibm.com/support/docview.wss?uid=swg22005740	Mitigation, Patch, Vendor Advisory
psirt@us.ibm.com	http://www.securityfocus.com/bid/100693	Third Party Advisory, VDB Entry
psirt@us.ibm.com	http://www.securitytracker.com/id/1039297	Third Party Advisory, VDB Entry
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/127806	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ibm.com/support/docview.wss?uid=swg22005740	Mitigation, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/100693	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1039297	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/127806	Vendor Advisory

Impacted products

Vendor	Product	Version
ibm	db2	11.1.0.0
ibm	db2_connect	11.1.0.0
linux	linux_kernel	-
microsoft	windows	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2:11.1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E17D042-0EE4-4F81-8E39-D8730D792BCE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:11.1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E32FD81-F765-4115-9977-B1913CE13106",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM DB2 for Linux, UNIX and Windows 11.1 (includes DB2 Connect Server) under unusual circumstances, could expose highly sensitive information in the error log to a local user."
    },
    {
      "lang": "es",
      "value": "IBM DB2 para Linux, UNIX y Windows 11.1 (incluye DB2 Connect Server), bajo circunstancias no habituales, podr\u00eda exponer informaci\u00f3n altamente sensible a un usuario local mediante el registro de errores."
    }
  ],
  "id": "CVE-2017-1434",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.1,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 4.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 1.0,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-09-12T21:29:00.283",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Mitigation",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg22005740"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/100693"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039297"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/127806"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg22005740"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/100693"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039297"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/127806"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2017-1451

Vulnerability from fkie_nvd - Published: 2017-09-12 21:29 - Updated: 2025-04-20 01:37

Severity ?

7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access. IBM X-Force ID: 128178.

References

URL	Tags
psirt@us.ibm.com	http://www.ibm.com/support/docview.wss?uid=swg22006061	Patch, Vendor Advisory
psirt@us.ibm.com	http://www.securityfocus.com/bid/100690	Third Party Advisory, VDB Entry
psirt@us.ibm.com	http://www.securitytracker.com/id/1039301	Third Party Advisory, VDB Entry
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/128178	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ibm.com/support/docview.wss?uid=swg22006061	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/100690	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1039301	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/128178	Vendor Advisory

Impacted products

Vendor	Product	Version
ibm	db2	9.7
ibm	db2	9.7.0.1
ibm	db2	9.7.0.2
ibm	db2	9.7.0.3
ibm	db2	9.7.0.4
ibm	db2	9.7.0.5
ibm	db2	9.7.0.6
ibm	db2	9.7.0.7
ibm	db2	9.7.0.8
ibm	db2	9.7.0.9
ibm	db2	9.7.0.9
ibm	db2	9.7.0.10
ibm	db2	9.7.0.11
ibm	db2	10.1
ibm	db2	10.1.0.1
ibm	db2	10.1.0.2
ibm	db2	10.1.0.3
ibm	db2	10.1.0.4
ibm	db2	10.1.0.5
ibm	db2	10.5
ibm	db2	10.5.0.1
ibm	db2	10.5.0.2
ibm	db2	10.5.0.3
ibm	db2	10.5.0.3
ibm	db2	10.5.0.4
ibm	db2	10.5.0.5
ibm	db2	10.5.0.6
ibm	db2	10.5.0.7
ibm	db2	11.1.0.0
ibm	db2_connect	9.7
ibm	db2_connect	9.7.0.1
ibm	db2_connect	9.7.0.2
ibm	db2_connect	9.7.0.3
ibm	db2_connect	9.7.0.4
ibm	db2_connect	9.7.0.5
ibm	db2_connect	9.7.0.6
ibm	db2_connect	9.7.0.7
ibm	db2_connect	9.7.0.8
ibm	db2_connect	9.7.0.9
ibm	db2_connect	9.7.0.10
ibm	db2_connect	9.7.0.11
ibm	db2_connect	10.1
ibm	db2_connect	10.1.0.1
ibm	db2_connect	10.1.0.2
ibm	db2_connect	10.1.0.3
ibm	db2_connect	10.1.0.4
ibm	db2_connect	10.1.0.5
ibm	db2_connect	10.5
ibm	db2_connect	10.5.0.1
ibm	db2_connect	10.5.0.2
ibm	db2_connect	10.5.0.3
ibm	db2_connect	10.5.0.4
ibm	db2_connect	10.5.0.5
ibm	db2_connect	10.5.0.6
ibm	db2_connect	10.5.0.7
ibm	db2_connect	11.1.0.0
linux	linux_kernel	-
microsoft	windows	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE1C4DE6-EB32-4A31-9FAA-D8DA31D8CF05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8A8E221-7045-4BAD-9B29-ABBC5216559D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "56C39DC1-AD23-4F26-9727-EC0FBDF84BEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2513D42C-E558-4CC7-88D3-BB44F1B40157",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F441BE8-AEC0-44F0-875E-03C65A45CF68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "036E9715-CFAA-4F2A-B432-181EDCA3D812",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A55FBA0-4DFC-493D-91EF-EB56C241F9CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B539123F-B8AC-4051-9458-A780C68E9667",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3958E50-1F97-4C06-AF22-C635FB2557A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "57AC4D14-805A-42F6-9348-D13C9A48136F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.9:a:*:*:*:*:*:*",
              "matchCriteriaId": "2B1F07F2-3F58-4999-97E9-50C627D9CB84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B54C55B-9288-4E04-B0D6-6765E5217DFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA99C5A3-D43E-4942-AE87-8DA46FCDCD47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2952EB24-A015-4EC7-85E3-88588D0AB15B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5FA4086-9B5D-4352-B717-3F826DE17D4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD79FF24-6C10-437B-86AF-E211B8C6FDC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ABB145C-44EE-47F5-9439-DE6433F8008E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F138E08-6808-4371-9E9C-096B01126B1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "813AE6CA-39B5-448C-8781-F2C3B499160A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E232F83-BE4C-4B3E-A5B1-53F9D95F0368",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B27E1F7-888C-40EE-85FF-B5DC099828C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "57DCF076-B475-41E6-B1ED-44FBC99238C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDB1972D-F7FC-4ABA-9DEE-9953D2572944",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.3:a:*:*:*:*:*:*",
              "matchCriteriaId": "CA651B7E-418B-4C3C-9A83-7E25342D884F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D276299-D403-4C41-ACBF-A23383CB3FD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5830263A-6970-43B8-BF08-2886327004A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F67DD01-F0E6-420E-A144-A8DD001BBBA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AA78533-899B-4482-97A7-7E2730C18C7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:11.1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E17D042-0EE4-4F81-8E39-D8730D792BCE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A8DDC8C-92D4-4078-8C82-9CB27B0DBDD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F2418D4-8A16-4617-AE27-B2FDD68711C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADC23293-580F-48B7-BB18-C91E254B4885",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "07DD2BBD-1ED1-4FF0-8A5D-AD36B71BF5ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "97A09A6A-D7D8-4ADE-850B-1FA98E4FD8DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "45EA04C9-3B45-47C2-88C6-4BE578673A08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "10331272-C7E3-4F77-BAB7-C931CDD57699",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "781B87AB-DBCA-495A-B809-648357EF6873",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA8F6CF0-8418-41CB-B3E5-B04CF633DBCA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "D28D8A2E-ECA5-401E-806B-2385668C90D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D92905F-5327-4CAA-9ECE-5211FB92BF14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9620D61-5F09-44E7-A19F-7E70A7F0D832",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B343CCB4-CE4B-44D2-A04E-69031CD649EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC80416E-982E-496E-BB46-5928FDB8CF13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1B2A6C0-93D4-4648-A507-62F075D6AFCA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9510BA35-C62A-46CE-A009-F20971EAE9B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE54DD24-2E67-49D9-81EB-88A50ED3FB9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "20186C62-14F0-47FA-BF37-772AEDF64E9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EC398F4-AA9B-446B-ABE3-236A3F72FBB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "36DD73C3-412C-461A-A1A4-BB760CC3C2D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9D91F10-BC9A-4A20-A153-022C9207A1E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A95700FA-C64B-40D9-81C5-39A76961A89F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DF3EF9D-7FD1-46F4-A745-2C3D31B2E12F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "269C7299-D812-462D-9C4D-D36F5665789E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "F89A2701-5904-4DBD-8AAC-9972611CC92B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B42E8C32-272B-4D9D-8479-D15D511FAAE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:11.1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E32FD81-F765-4115-9977-B1913CE13106",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access. IBM X-Force ID: 128178."
    },
    {
      "lang": "es",
      "value": "IBM DB2 para Linux, UNIX y Windows 9.7, 10,1, 10.5 y 11.1 (incluido DB2 Connect Server) podr\u00eda permitir a un usuario local con privilegios de propietario en la instancia DB2 obtener acceso root. IBM X-Force ID: 128178."
    }
  ],
  "id": "CVE-2017-1451",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-09-12T21:29:00.567",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg22006061"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/100690"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039301"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128178"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg22006061"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/100690"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039301"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128178"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2017-1452

Vulnerability from fkie_nvd - Published: 2017-09-12 21:29 - Updated: 2025-04-20 01:37

Severity ?

7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user to obtain elevated privilege and overwrite DB2 files. IBM X-Force ID: 128180.

References

URL	Tags
psirt@us.ibm.com	http://www.ibm.com/support/docview.wss?uid=swg22006109	Patch, Vendor Advisory
psirt@us.ibm.com	http://www.securityfocus.com/bid/100698	Third Party Advisory, VDB Entry
psirt@us.ibm.com	http://www.securitytracker.com/id/1039299	Third Party Advisory, VDB Entry
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/128180	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ibm.com/support/docview.wss?uid=swg22006109	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/100698	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1039299	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/128180	Vendor Advisory

Impacted products

Vendor	Product	Version
ibm	db2	9.7
ibm	db2	9.7.0.1
ibm	db2	9.7.0.2
ibm	db2	9.7.0.3
ibm	db2	9.7.0.4
ibm	db2	9.7.0.5
ibm	db2	9.7.0.6
ibm	db2	9.7.0.7
ibm	db2	9.7.0.8
ibm	db2	9.7.0.9
ibm	db2	9.7.0.9
ibm	db2	9.7.0.10
ibm	db2	9.7.0.11
ibm	db2	10.1
ibm	db2	10.1.0.1
ibm	db2	10.1.0.2
ibm	db2	10.1.0.3
ibm	db2	10.1.0.4
ibm	db2	10.1.0.5
ibm	db2	10.5
ibm	db2	10.5.0.1
ibm	db2	10.5.0.2
ibm	db2	10.5.0.3
ibm	db2	10.5.0.3
ibm	db2	10.5.0.4
ibm	db2	10.5.0.5
ibm	db2	10.5.0.6
ibm	db2	10.5.0.7
ibm	db2	11.1.0.0
ibm	db2_connect	9.7
ibm	db2_connect	9.7.0.1
ibm	db2_connect	9.7.0.2
ibm	db2_connect	9.7.0.3
ibm	db2_connect	9.7.0.4
ibm	db2_connect	9.7.0.5
ibm	db2_connect	9.7.0.6
ibm	db2_connect	9.7.0.7
ibm	db2_connect	9.7.0.8
ibm	db2_connect	9.7.0.9
ibm	db2_connect	9.7.0.10
ibm	db2_connect	9.7.0.11
ibm	db2_connect	10.1
ibm	db2_connect	10.1.0.1
ibm	db2_connect	10.1.0.2
ibm	db2_connect	10.1.0.3
ibm	db2_connect	10.1.0.4
ibm	db2_connect	10.1.0.5
ibm	db2_connect	10.5
ibm	db2_connect	10.5.0.1
ibm	db2_connect	10.5.0.2
ibm	db2_connect	10.5.0.3
ibm	db2_connect	10.5.0.4
ibm	db2_connect	10.5.0.5
ibm	db2_connect	10.5.0.6
ibm	db2_connect	10.5.0.7
ibm	db2_connect	11.1.0.0
linux	linux_kernel	-
microsoft	windows	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE1C4DE6-EB32-4A31-9FAA-D8DA31D8CF05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8A8E221-7045-4BAD-9B29-ABBC5216559D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "56C39DC1-AD23-4F26-9727-EC0FBDF84BEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2513D42C-E558-4CC7-88D3-BB44F1B40157",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F441BE8-AEC0-44F0-875E-03C65A45CF68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "036E9715-CFAA-4F2A-B432-181EDCA3D812",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A55FBA0-4DFC-493D-91EF-EB56C241F9CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B539123F-B8AC-4051-9458-A780C68E9667",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3958E50-1F97-4C06-AF22-C635FB2557A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "57AC4D14-805A-42F6-9348-D13C9A48136F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.9:a:*:*:*:*:*:*",
              "matchCriteriaId": "2B1F07F2-3F58-4999-97E9-50C627D9CB84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B54C55B-9288-4E04-B0D6-6765E5217DFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA99C5A3-D43E-4942-AE87-8DA46FCDCD47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2952EB24-A015-4EC7-85E3-88588D0AB15B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5FA4086-9B5D-4352-B717-3F826DE17D4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD79FF24-6C10-437B-86AF-E211B8C6FDC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ABB145C-44EE-47F5-9439-DE6433F8008E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F138E08-6808-4371-9E9C-096B01126B1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "813AE6CA-39B5-448C-8781-F2C3B499160A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E232F83-BE4C-4B3E-A5B1-53F9D95F0368",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B27E1F7-888C-40EE-85FF-B5DC099828C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "57DCF076-B475-41E6-B1ED-44FBC99238C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDB1972D-F7FC-4ABA-9DEE-9953D2572944",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.3:a:*:*:*:*:*:*",
              "matchCriteriaId": "CA651B7E-418B-4C3C-9A83-7E25342D884F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D276299-D403-4C41-ACBF-A23383CB3FD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5830263A-6970-43B8-BF08-2886327004A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F67DD01-F0E6-420E-A144-A8DD001BBBA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AA78533-899B-4482-97A7-7E2730C18C7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:11.1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E17D042-0EE4-4F81-8E39-D8730D792BCE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A8DDC8C-92D4-4078-8C82-9CB27B0DBDD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F2418D4-8A16-4617-AE27-B2FDD68711C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADC23293-580F-48B7-BB18-C91E254B4885",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "07DD2BBD-1ED1-4FF0-8A5D-AD36B71BF5ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "97A09A6A-D7D8-4ADE-850B-1FA98E4FD8DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "45EA04C9-3B45-47C2-88C6-4BE578673A08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "10331272-C7E3-4F77-BAB7-C931CDD57699",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "781B87AB-DBCA-495A-B809-648357EF6873",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA8F6CF0-8418-41CB-B3E5-B04CF633DBCA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "D28D8A2E-ECA5-401E-806B-2385668C90D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D92905F-5327-4CAA-9ECE-5211FB92BF14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9620D61-5F09-44E7-A19F-7E70A7F0D832",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B343CCB4-CE4B-44D2-A04E-69031CD649EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC80416E-982E-496E-BB46-5928FDB8CF13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1B2A6C0-93D4-4648-A507-62F075D6AFCA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9510BA35-C62A-46CE-A009-F20971EAE9B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE54DD24-2E67-49D9-81EB-88A50ED3FB9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "20186C62-14F0-47FA-BF37-772AEDF64E9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EC398F4-AA9B-446B-ABE3-236A3F72FBB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "36DD73C3-412C-461A-A1A4-BB760CC3C2D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9D91F10-BC9A-4A20-A153-022C9207A1E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A95700FA-C64B-40D9-81C5-39A76961A89F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DF3EF9D-7FD1-46F4-A745-2C3D31B2E12F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "269C7299-D812-462D-9C4D-D36F5665789E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "F89A2701-5904-4DBD-8AAC-9972611CC92B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B42E8C32-272B-4D9D-8479-D15D511FAAE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:11.1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E32FD81-F765-4115-9977-B1913CE13106",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user to obtain elevated privilege and overwrite DB2 files. IBM X-Force ID: 128180."
    },
    {
      "lang": "es",
      "value": "IBM DB2 para Linux, UNIX y Windows 9.7, 10,1, 10.5 y 11.1 (incluido DB2 Connect Server) podr\u00eda permitir a un usuario local obtener privilegios elevados y sobrescribir archivos DB2.. IBM X-Force ID: 128180."
    }
  ],
  "id": "CVE-2017-1452",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-09-12T21:29:00.597",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg22006109"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/100698"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039299"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128180"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg22006109"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/100698"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039299"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128180"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2017-1438

Vulnerability from fkie_nvd - Published: 2017-09-12 21:29 - Updated: 2025-04-20 01:37

Severity ?

6.7 (Medium) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access. IBM X-Force ID: 128057.

References

URL	Tags
psirt@us.ibm.com	http://www.ibm.com/support/docview.wss?uid=swg22006885	Patch, Vendor Advisory
psirt@us.ibm.com	http://www.securityfocus.com/bid/100685	Third Party Advisory, VDB Entry
psirt@us.ibm.com	http://www.securitytracker.com/id/1039300	Third Party Advisory, VDB Entry
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/128057	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ibm.com/support/docview.wss?uid=swg22006885	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/100685	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1039300	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/128057	Vendor Advisory

Impacted products

Vendor	Product	Version
ibm	db2	9.7
ibm	db2	9.7.0.1
ibm	db2	9.7.0.2
ibm	db2	9.7.0.3
ibm	db2	9.7.0.4
ibm	db2	9.7.0.5
ibm	db2	9.7.0.6
ibm	db2	9.7.0.7
ibm	db2	9.7.0.8
ibm	db2	9.7.0.9
ibm	db2	9.7.0.9
ibm	db2	9.7.0.10
ibm	db2	9.7.0.11
ibm	db2	10.1
ibm	db2	10.1.0.1
ibm	db2	10.1.0.2
ibm	db2	10.1.0.3
ibm	db2	10.1.0.4
ibm	db2	10.1.0.5
ibm	db2	10.5
ibm	db2	10.5.0.1
ibm	db2	10.5.0.2
ibm	db2	10.5.0.3
ibm	db2	10.5.0.3
ibm	db2	10.5.0.4
ibm	db2	10.5.0.5
ibm	db2	10.5.0.6
ibm	db2	10.5.0.7
ibm	db2	11.1.0.0
ibm	db2_connect	9.7
ibm	db2_connect	9.7.0.1
ibm	db2_connect	9.7.0.2
ibm	db2_connect	9.7.0.3
ibm	db2_connect	9.7.0.4
ibm	db2_connect	9.7.0.5
ibm	db2_connect	9.7.0.6
ibm	db2_connect	9.7.0.7
ibm	db2_connect	9.7.0.8
ibm	db2_connect	9.7.0.9
ibm	db2_connect	9.7.0.10
ibm	db2_connect	9.7.0.11
ibm	db2_connect	10.1
ibm	db2_connect	10.1.0.1
ibm	db2_connect	10.1.0.2
ibm	db2_connect	10.1.0.3
ibm	db2_connect	10.1.0.4
ibm	db2_connect	10.1.0.5
ibm	db2_connect	10.5
ibm	db2_connect	10.5.0.1
ibm	db2_connect	10.5.0.2
ibm	db2_connect	10.5.0.3
ibm	db2_connect	10.5.0.4
ibm	db2_connect	10.5.0.5
ibm	db2_connect	10.5.0.6
ibm	db2_connect	10.5.0.7
ibm	db2_connect	11.1.0.0
linux	linux_kernel	-
microsoft	windows	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE1C4DE6-EB32-4A31-9FAA-D8DA31D8CF05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8A8E221-7045-4BAD-9B29-ABBC5216559D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "56C39DC1-AD23-4F26-9727-EC0FBDF84BEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2513D42C-E558-4CC7-88D3-BB44F1B40157",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F441BE8-AEC0-44F0-875E-03C65A45CF68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "036E9715-CFAA-4F2A-B432-181EDCA3D812",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A55FBA0-4DFC-493D-91EF-EB56C241F9CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B539123F-B8AC-4051-9458-A780C68E9667",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3958E50-1F97-4C06-AF22-C635FB2557A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "57AC4D14-805A-42F6-9348-D13C9A48136F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.9:a:*:*:*:*:*:*",
              "matchCriteriaId": "2B1F07F2-3F58-4999-97E9-50C627D9CB84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B54C55B-9288-4E04-B0D6-6765E5217DFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA99C5A3-D43E-4942-AE87-8DA46FCDCD47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2952EB24-A015-4EC7-85E3-88588D0AB15B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5FA4086-9B5D-4352-B717-3F826DE17D4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD79FF24-6C10-437B-86AF-E211B8C6FDC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ABB145C-44EE-47F5-9439-DE6433F8008E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F138E08-6808-4371-9E9C-096B01126B1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "813AE6CA-39B5-448C-8781-F2C3B499160A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E232F83-BE4C-4B3E-A5B1-53F9D95F0368",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B27E1F7-888C-40EE-85FF-B5DC099828C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "57DCF076-B475-41E6-B1ED-44FBC99238C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDB1972D-F7FC-4ABA-9DEE-9953D2572944",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.3:a:*:*:*:*:*:*",
              "matchCriteriaId": "CA651B7E-418B-4C3C-9A83-7E25342D884F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D276299-D403-4C41-ACBF-A23383CB3FD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5830263A-6970-43B8-BF08-2886327004A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F67DD01-F0E6-420E-A144-A8DD001BBBA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AA78533-899B-4482-97A7-7E2730C18C7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:11.1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E17D042-0EE4-4F81-8E39-D8730D792BCE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A8DDC8C-92D4-4078-8C82-9CB27B0DBDD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F2418D4-8A16-4617-AE27-B2FDD68711C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADC23293-580F-48B7-BB18-C91E254B4885",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "07DD2BBD-1ED1-4FF0-8A5D-AD36B71BF5ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "97A09A6A-D7D8-4ADE-850B-1FA98E4FD8DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "45EA04C9-3B45-47C2-88C6-4BE578673A08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "10331272-C7E3-4F77-BAB7-C931CDD57699",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "781B87AB-DBCA-495A-B809-648357EF6873",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA8F6CF0-8418-41CB-B3E5-B04CF633DBCA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "D28D8A2E-ECA5-401E-806B-2385668C90D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D92905F-5327-4CAA-9ECE-5211FB92BF14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9620D61-5F09-44E7-A19F-7E70A7F0D832",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B343CCB4-CE4B-44D2-A04E-69031CD649EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC80416E-982E-496E-BB46-5928FDB8CF13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1B2A6C0-93D4-4648-A507-62F075D6AFCA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9510BA35-C62A-46CE-A009-F20971EAE9B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE54DD24-2E67-49D9-81EB-88A50ED3FB9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "20186C62-14F0-47FA-BF37-772AEDF64E9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EC398F4-AA9B-446B-ABE3-236A3F72FBB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "36DD73C3-412C-461A-A1A4-BB760CC3C2D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9D91F10-BC9A-4A20-A153-022C9207A1E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A95700FA-C64B-40D9-81C5-39A76961A89F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DF3EF9D-7FD1-46F4-A745-2C3D31B2E12F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "269C7299-D812-462D-9C4D-D36F5665789E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "F89A2701-5904-4DBD-8AAC-9972611CC92B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B42E8C32-272B-4D9D-8479-D15D511FAAE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:11.1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E32FD81-F765-4115-9977-B1913CE13106",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access. IBM X-Force ID: 128057."
    },
    {
      "lang": "es",
      "value": "IBM DB2 para Linux, UNIX y Windows 9.7, 10,1, 10.5 y 11.1 (incluido DB2 Connect Server) podr\u00eda permitir a un usuario local con privilegios de propietario en la instancia DB2 obtener acceso root. IBM X-Force ID: 128057."
    }
  ],
  "id": "CVE-2017-1438",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-09-12T21:29:00.317",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg22006885"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/100685"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039300"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128057"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg22006885"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/100685"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039300"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128057"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2017-1439

Vulnerability from fkie_nvd - Published: 2017-09-12 21:29 - Updated: 2025-04-20 01:37

Severity ?

6.7 (Medium) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access. IBM X-Force ID: 128058.

References

URL	Tags
psirt@us.ibm.com	http://www.ibm.com/support/docview.wss?uid=swg22006061	Patch, Vendor Advisory
psirt@us.ibm.com	http://www.securityfocus.com/bid/100690	Third Party Advisory, VDB Entry
psirt@us.ibm.com	http://www.securitytracker.com/id/1039301	Third Party Advisory, VDB Entry
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/128058	VDB Entry, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ibm.com/support/docview.wss?uid=swg22006061	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/100690	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1039301	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/128058	VDB Entry, Vendor Advisory

Impacted products

Vendor	Product	Version
ibm	db2	9.7
ibm	db2	9.7.0.1
ibm	db2	9.7.0.2
ibm	db2	9.7.0.3
ibm	db2	9.7.0.4
ibm	db2	9.7.0.5
ibm	db2	9.7.0.6
ibm	db2	9.7.0.7
ibm	db2	9.7.0.8
ibm	db2	9.7.0.9
ibm	db2	9.7.0.9
ibm	db2	9.7.0.10
ibm	db2	9.7.0.11
ibm	db2	10.1
ibm	db2	10.1.0.1
ibm	db2	10.1.0.2
ibm	db2	10.1.0.3
ibm	db2	10.1.0.4
ibm	db2	10.1.0.5
ibm	db2	10.5
ibm	db2	10.5.0.1
ibm	db2	10.5.0.2
ibm	db2	10.5.0.3
ibm	db2	10.5.0.3
ibm	db2	10.5.0.4
ibm	db2	10.5.0.5
ibm	db2	10.5.0.6
ibm	db2	10.5.0.7
ibm	db2	11.1.0.0
ibm	db2_connect	9.7
ibm	db2_connect	9.7.0.1
ibm	db2_connect	9.7.0.2
ibm	db2_connect	9.7.0.3
ibm	db2_connect	9.7.0.4
ibm	db2_connect	9.7.0.5
ibm	db2_connect	9.7.0.6
ibm	db2_connect	9.7.0.7
ibm	db2_connect	9.7.0.8
ibm	db2_connect	9.7.0.9
ibm	db2_connect	9.7.0.10
ibm	db2_connect	9.7.0.11
ibm	db2_connect	10.1
ibm	db2_connect	10.1.0.1
ibm	db2_connect	10.1.0.2
ibm	db2_connect	10.1.0.3
ibm	db2_connect	10.1.0.4
ibm	db2_connect	10.1.0.5
ibm	db2_connect	10.5
ibm	db2_connect	10.5.0.1
ibm	db2_connect	10.5.0.2
ibm	db2_connect	10.5.0.3
ibm	db2_connect	10.5.0.4
ibm	db2_connect	10.5.0.5
ibm	db2_connect	10.5.0.6
ibm	db2_connect	10.5.0.7
ibm	db2_connect	11.1.0.0
linux	linux_kernel	-
microsoft	windows	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE1C4DE6-EB32-4A31-9FAA-D8DA31D8CF05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8A8E221-7045-4BAD-9B29-ABBC5216559D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "56C39DC1-AD23-4F26-9727-EC0FBDF84BEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2513D42C-E558-4CC7-88D3-BB44F1B40157",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F441BE8-AEC0-44F0-875E-03C65A45CF68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "036E9715-CFAA-4F2A-B432-181EDCA3D812",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A55FBA0-4DFC-493D-91EF-EB56C241F9CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B539123F-B8AC-4051-9458-A780C68E9667",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3958E50-1F97-4C06-AF22-C635FB2557A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "57AC4D14-805A-42F6-9348-D13C9A48136F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.9:a:*:*:*:*:*:*",
              "matchCriteriaId": "2B1F07F2-3F58-4999-97E9-50C627D9CB84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B54C55B-9288-4E04-B0D6-6765E5217DFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA99C5A3-D43E-4942-AE87-8DA46FCDCD47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2952EB24-A015-4EC7-85E3-88588D0AB15B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5FA4086-9B5D-4352-B717-3F826DE17D4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD79FF24-6C10-437B-86AF-E211B8C6FDC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ABB145C-44EE-47F5-9439-DE6433F8008E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F138E08-6808-4371-9E9C-096B01126B1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "813AE6CA-39B5-448C-8781-F2C3B499160A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E232F83-BE4C-4B3E-A5B1-53F9D95F0368",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B27E1F7-888C-40EE-85FF-B5DC099828C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "57DCF076-B475-41E6-B1ED-44FBC99238C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDB1972D-F7FC-4ABA-9DEE-9953D2572944",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.3:a:*:*:*:*:*:*",
              "matchCriteriaId": "CA651B7E-418B-4C3C-9A83-7E25342D884F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D276299-D403-4C41-ACBF-A23383CB3FD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5830263A-6970-43B8-BF08-2886327004A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F67DD01-F0E6-420E-A144-A8DD001BBBA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AA78533-899B-4482-97A7-7E2730C18C7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:11.1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E17D042-0EE4-4F81-8E39-D8730D792BCE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A8DDC8C-92D4-4078-8C82-9CB27B0DBDD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F2418D4-8A16-4617-AE27-B2FDD68711C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADC23293-580F-48B7-BB18-C91E254B4885",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "07DD2BBD-1ED1-4FF0-8A5D-AD36B71BF5ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "97A09A6A-D7D8-4ADE-850B-1FA98E4FD8DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "45EA04C9-3B45-47C2-88C6-4BE578673A08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "10331272-C7E3-4F77-BAB7-C931CDD57699",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "781B87AB-DBCA-495A-B809-648357EF6873",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA8F6CF0-8418-41CB-B3E5-B04CF633DBCA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "D28D8A2E-ECA5-401E-806B-2385668C90D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D92905F-5327-4CAA-9ECE-5211FB92BF14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9620D61-5F09-44E7-A19F-7E70A7F0D832",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B343CCB4-CE4B-44D2-A04E-69031CD649EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC80416E-982E-496E-BB46-5928FDB8CF13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1B2A6C0-93D4-4648-A507-62F075D6AFCA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9510BA35-C62A-46CE-A009-F20971EAE9B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE54DD24-2E67-49D9-81EB-88A50ED3FB9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "20186C62-14F0-47FA-BF37-772AEDF64E9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EC398F4-AA9B-446B-ABE3-236A3F72FBB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "36DD73C3-412C-461A-A1A4-BB760CC3C2D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9D91F10-BC9A-4A20-A153-022C9207A1E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A95700FA-C64B-40D9-81C5-39A76961A89F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DF3EF9D-7FD1-46F4-A745-2C3D31B2E12F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "269C7299-D812-462D-9C4D-D36F5665789E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "F89A2701-5904-4DBD-8AAC-9972611CC92B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B42E8C32-272B-4D9D-8479-D15D511FAAE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:11.1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E32FD81-F765-4115-9977-B1913CE13106",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access. IBM X-Force ID: 128058."
    },
    {
      "lang": "es",
      "value": "IBM DB2 para Linux, UNIX y Windows 9.7, 10,1, 10.5 y 11.1 (incluido DB2 Connect Server) podr\u00eda permitir a un usuario local con privilegios de propietario en la instancia DB2 obtener acceso root. IBM X-Force ID: 128058."
    }
  ],
  "id": "CVE-2017-1439",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-09-12T21:29:00.347",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg22006061"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/100690"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039301"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128058"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg22006061"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/100690"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039301"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128058"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2017-1520

Vulnerability from fkie_nvd - Published: 2017-09-12 21:29 - Updated: 2025-04-20 01:37

Severity ?

3.7 (Low) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Summary

IBM DB2 9.7, 10,1, 10.5, and 11.1 is vulnerable to an unauthorized command that allows the database to be activated when authentication type is CLIENT. IBM X-Force ID: 129830.

References

URL	Tags
psirt@us.ibm.com	http://www.ibm.com/support/docview.wss?uid=swg22007186	Patch, Vendor Advisory
psirt@us.ibm.com	http://www.securityfocus.com/bid/100684	Third Party Advisory, VDB Entry
psirt@us.ibm.com	http://www.securitytracker.com/id/1039308	Third Party Advisory, VDB Entry
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/129830	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ibm.com/support/docview.wss?uid=swg22007186	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/100684	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1039308	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/129830	Vendor Advisory

Impacted products

Vendor	Product	Version
ibm	db2	9.7
ibm	db2	9.7.0.1
ibm	db2	9.7.0.2
ibm	db2	9.7.0.3
ibm	db2	9.7.0.4
ibm	db2	9.7.0.5
ibm	db2	9.7.0.6
ibm	db2	9.7.0.7
ibm	db2	9.7.0.8
ibm	db2	9.7.0.9
ibm	db2	9.7.0.9
ibm	db2	9.7.0.10
ibm	db2	9.7.0.11
ibm	db2	10.1
ibm	db2	10.1.0.1
ibm	db2	10.1.0.2
ibm	db2	10.1.0.3
ibm	db2	10.1.0.4
ibm	db2	10.1.0.5
ibm	db2	10.5
ibm	db2	10.5.0.1
ibm	db2	10.5.0.2
ibm	db2	10.5.0.3
ibm	db2	10.5.0.3
ibm	db2	10.5.0.4
ibm	db2	10.5.0.5
ibm	db2	10.5.0.6
ibm	db2	10.5.0.7
ibm	db2	11.1.0.0
ibm	db2_connect	9.7
ibm	db2_connect	9.7.0.1
ibm	db2_connect	9.7.0.2
ibm	db2_connect	9.7.0.3
ibm	db2_connect	9.7.0.4
ibm	db2_connect	9.7.0.5
ibm	db2_connect	9.7.0.6
ibm	db2_connect	9.7.0.7
ibm	db2_connect	9.7.0.8
ibm	db2_connect	9.7.0.9
ibm	db2_connect	9.7.0.10
ibm	db2_connect	9.7.0.11
ibm	db2_connect	10.1
ibm	db2_connect	10.1.0.1
ibm	db2_connect	10.1.0.2
ibm	db2_connect	10.1.0.3
ibm	db2_connect	10.1.0.4
ibm	db2_connect	10.1.0.5
ibm	db2_connect	10.5
ibm	db2_connect	10.5.0.1
ibm	db2_connect	10.5.0.2
ibm	db2_connect	10.5.0.3
ibm	db2_connect	10.5.0.4
ibm	db2_connect	10.5.0.5
ibm	db2_connect	10.5.0.6
ibm	db2_connect	10.5.0.7
ibm	db2_connect	11.1.0.0
linux	linux_kernel	-
microsoft	windows	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE1C4DE6-EB32-4A31-9FAA-D8DA31D8CF05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8A8E221-7045-4BAD-9B29-ABBC5216559D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "56C39DC1-AD23-4F26-9727-EC0FBDF84BEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2513D42C-E558-4CC7-88D3-BB44F1B40157",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F441BE8-AEC0-44F0-875E-03C65A45CF68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "036E9715-CFAA-4F2A-B432-181EDCA3D812",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A55FBA0-4DFC-493D-91EF-EB56C241F9CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B539123F-B8AC-4051-9458-A780C68E9667",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3958E50-1F97-4C06-AF22-C635FB2557A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "57AC4D14-805A-42F6-9348-D13C9A48136F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.9:a:*:*:*:*:*:*",
              "matchCriteriaId": "2B1F07F2-3F58-4999-97E9-50C627D9CB84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B54C55B-9288-4E04-B0D6-6765E5217DFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA99C5A3-D43E-4942-AE87-8DA46FCDCD47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2952EB24-A015-4EC7-85E3-88588D0AB15B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5FA4086-9B5D-4352-B717-3F826DE17D4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD79FF24-6C10-437B-86AF-E211B8C6FDC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ABB145C-44EE-47F5-9439-DE6433F8008E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F138E08-6808-4371-9E9C-096B01126B1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "813AE6CA-39B5-448C-8781-F2C3B499160A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E232F83-BE4C-4B3E-A5B1-53F9D95F0368",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B27E1F7-888C-40EE-85FF-B5DC099828C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "57DCF076-B475-41E6-B1ED-44FBC99238C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDB1972D-F7FC-4ABA-9DEE-9953D2572944",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.3:a:*:*:*:*:*:*",
              "matchCriteriaId": "CA651B7E-418B-4C3C-9A83-7E25342D884F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D276299-D403-4C41-ACBF-A23383CB3FD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5830263A-6970-43B8-BF08-2886327004A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F67DD01-F0E6-420E-A144-A8DD001BBBA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AA78533-899B-4482-97A7-7E2730C18C7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:11.1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E17D042-0EE4-4F81-8E39-D8730D792BCE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A8DDC8C-92D4-4078-8C82-9CB27B0DBDD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F2418D4-8A16-4617-AE27-B2FDD68711C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADC23293-580F-48B7-BB18-C91E254B4885",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "07DD2BBD-1ED1-4FF0-8A5D-AD36B71BF5ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "97A09A6A-D7D8-4ADE-850B-1FA98E4FD8DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "45EA04C9-3B45-47C2-88C6-4BE578673A08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "10331272-C7E3-4F77-BAB7-C931CDD57699",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "781B87AB-DBCA-495A-B809-648357EF6873",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA8F6CF0-8418-41CB-B3E5-B04CF633DBCA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "D28D8A2E-ECA5-401E-806B-2385668C90D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D92905F-5327-4CAA-9ECE-5211FB92BF14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9620D61-5F09-44E7-A19F-7E70A7F0D832",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B343CCB4-CE4B-44D2-A04E-69031CD649EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC80416E-982E-496E-BB46-5928FDB8CF13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1B2A6C0-93D4-4648-A507-62F075D6AFCA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9510BA35-C62A-46CE-A009-F20971EAE9B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE54DD24-2E67-49D9-81EB-88A50ED3FB9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "20186C62-14F0-47FA-BF37-772AEDF64E9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EC398F4-AA9B-446B-ABE3-236A3F72FBB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "36DD73C3-412C-461A-A1A4-BB760CC3C2D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9D91F10-BC9A-4A20-A153-022C9207A1E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A95700FA-C64B-40D9-81C5-39A76961A89F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DF3EF9D-7FD1-46F4-A745-2C3D31B2E12F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "269C7299-D812-462D-9C4D-D36F5665789E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "F89A2701-5904-4DBD-8AAC-9972611CC92B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B42E8C32-272B-4D9D-8479-D15D511FAAE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:11.1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E32FD81-F765-4115-9977-B1913CE13106",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM DB2 9.7, 10,1, 10.5, and 11.1 is vulnerable to an unauthorized command that allows the database to be activated when authentication type is CLIENT. IBM X-Force ID: 129830."
    },
    {
      "lang": "es",
      "value": "IBM DB2 9.7, 10,1, 10.5 y 11.1 es vulnerable a que se ejecute un comando no autorizado que permita activar la base de datos cuando la autenticaci\u00f3n es de tipo CLIENT. IBM X-Force ID: 129830."
    }
  ],
  "id": "CVE-2017-1520",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 3.7,
          "baseSeverity": "LOW",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-09-12T21:29:00.673",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg22007186"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/100684"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039308"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/129830"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg22007186"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/100684"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039308"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/129830"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2017-1519

Vulnerability from fkie_nvd - Published: 2017-09-12 21:29 - Updated: 2025-04-20 01:37

Severity ?

5.9 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

IBM DB2 10.5 and 11.1 contains a denial of service vulnerability. A remote user can cause disruption of service for DB2 Connect Server setup with a particular configuration. IBM X-Force ID: 129829.

References

URL	Tags
psirt@us.ibm.com	http://www.ibm.com/support/docview.wss?uid=swg22007183	Patch, Vendor Advisory
psirt@us.ibm.com	http://www.securityfocus.com/bid/100688	Third Party Advisory, VDB Entry
psirt@us.ibm.com	http://www.securitytracker.com/id/1039298	Third Party Advisory, VDB Entry
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/129829	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ibm.com/support/docview.wss?uid=swg22007183	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/100688	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1039298	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/129829	Vendor Advisory

Impacted products

Vendor	Product	Version
ibm	db2	10.5
ibm	db2	10.5.0.1
ibm	db2	10.5.0.2
ibm	db2	10.5.0.3
ibm	db2	10.5.0.3
ibm	db2	10.5.0.4
ibm	db2	10.5.0.5
ibm	db2	10.5.0.6
ibm	db2	10.5.0.7
ibm	db2	11.1.0.0
ibm	db2_connect	10.5
ibm	db2_connect	10.5.0.1
ibm	db2_connect	10.5.0.2
ibm	db2_connect	10.5.0.3
ibm	db2_connect	10.5.0.4
ibm	db2_connect	10.5.0.5
ibm	db2_connect	10.5.0.6
ibm	db2_connect	10.5.0.7
ibm	db2_connect	11.1.0.0
linux	linux_kernel	-
microsoft	windows	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E232F83-BE4C-4B3E-A5B1-53F9D95F0368",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B27E1F7-888C-40EE-85FF-B5DC099828C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "57DCF076-B475-41E6-B1ED-44FBC99238C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDB1972D-F7FC-4ABA-9DEE-9953D2572944",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.3:a:*:*:*:*:*:*",
              "matchCriteriaId": "CA651B7E-418B-4C3C-9A83-7E25342D884F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D276299-D403-4C41-ACBF-A23383CB3FD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5830263A-6970-43B8-BF08-2886327004A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F67DD01-F0E6-420E-A144-A8DD001BBBA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AA78533-899B-4482-97A7-7E2730C18C7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:11.1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E17D042-0EE4-4F81-8E39-D8730D792BCE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EC398F4-AA9B-446B-ABE3-236A3F72FBB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "36DD73C3-412C-461A-A1A4-BB760CC3C2D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9D91F10-BC9A-4A20-A153-022C9207A1E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A95700FA-C64B-40D9-81C5-39A76961A89F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DF3EF9D-7FD1-46F4-A745-2C3D31B2E12F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "269C7299-D812-462D-9C4D-D36F5665789E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "F89A2701-5904-4DBD-8AAC-9972611CC92B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B42E8C32-272B-4D9D-8479-D15D511FAAE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:11.1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E32FD81-F765-4115-9977-B1913CE13106",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM DB2 10.5 and 11.1 contains a denial of service vulnerability. A remote user can cause disruption of service for DB2 Connect Server setup with a particular configuration. IBM X-Force ID: 129829."
    },
    {
      "lang": "es",
      "value": "IBM DB2 10.5 y 11.1 es vulnerable a denegaciones de servicio. Un usuario remoto puede provocar la interrupci\u00f3n del servicio en la instalaci\u00f3n de DB2 Connect Server con una configuraci\u00f3n espec\u00edfica. IBM X-Force ID: 129829."
    }
  ],
  "id": "CVE-2017-1519",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-09-12T21:29:00.627",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg22007183"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/100688"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039298"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/129829"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg22007183"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/100688"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039298"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/129829"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2017-1297

Vulnerability from fkie_nvd - Published: 2017-06-27 16:29 - Updated: 2025-04-20 01:37

Severity ?

7.3 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Summary

IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) is vulnerable to a stack-based buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code. IBM X-Force ID: 125159.

References

URL	Tags
psirt@us.ibm.com	http://www.ibm.com/support/docview.wss?uid=swg22004878	Patch, Vendor Advisory
psirt@us.ibm.com	http://www.securityfocus.com/bid/99271	Third Party Advisory, VDB Entry
psirt@us.ibm.com	http://www.securitytracker.com/id/1038772
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/125159	Vendor Advisory
psirt@us.ibm.com	https://www.exploit-db.com/exploits/42260/
af854a3a-2127-422b-91ae-364da2661108	http://www.ibm.com/support/docview.wss?uid=swg22004878	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/99271	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1038772
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/125159	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/42260/

Impacted products

Vendor	Product	Version
ibm	data_server_client	-
ibm	data_server_driver_for_odbc_and_cli	-
ibm	data_server_driver_package	-
ibm	data_server_runtime_client	-
ibm	db2	9.7
ibm	db2	9.7
ibm	db2	9.7
ibm	db2	9.7
ibm	db2	9.7
ibm	db2	10.1
ibm	db2	10.1
ibm	db2	10.1
ibm	db2	10.1
ibm	db2	10.1
ibm	db2	10.5
ibm	db2	10.5
ibm	db2	10.5
ibm	db2	10.5
ibm	db2	10.5
ibm	db2	11.1
ibm	db2	11.1
ibm	db2	11.1
ibm	db2	11.1
ibm	db2	11.1
ibm	db2_connect	9.7
ibm	db2_connect	9.7
ibm	db2_connect	9.7
ibm	db2_connect	10.1
ibm	db2_connect	10.1
ibm	db2_connect	10.1
ibm	db2_connect	10.5
ibm	db2_connect	10.5
ibm	db2_connect	10.5
ibm	db2_connect	11.1.0.0
ibm	db2_connect	11.1.0.0
ibm	db2_connect	11.1.0.0
linux	linux_kernel	-
microsoft	windows	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:data_server_client:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DDE6939-06D6-4DD1-BE95-E0724B72AC05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:data_server_driver_for_odbc_and_cli:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "710BA2FD-B8AD-4D5A-8626-5C5AB64F2989",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:data_server_driver_package:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FAA3FCC-ED16-4FAC-ACFB-AD9C87E98FF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:data_server_runtime_client:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8021311A-FAFB-4AE7-8EEC-4D4E1C29F9B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7:*:*:*:advanced_enterprise:*:*:*",
              "matchCriteriaId": "3D9E7D2A-42B9-4D07-A107-BBD839E59858",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7:*:*:*:advanced_workgroup:*:*:*",
              "matchCriteriaId": "FD27164C-7554-46E1-B755-27C74D2EC3B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "F199F7B4-F273-4D45-AE08-7B5DAE6E0794",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7:*:*:*:express:*:*:*",
              "matchCriteriaId": "ACEB3F4A-6411-4456-9B89-A43562189BD3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7:*:*:*:workgroup:*:*:*",
              "matchCriteriaId": "1749B7DC-08BB-474B-BA5A-52602459C8EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1:*:*:*:advanced_enterprise:*:*:*",
              "matchCriteriaId": "2ECC11D3-7D77-4823-8B34-DD76E131D74C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1:*:*:*:advanced_workgroup:*:*:*",
              "matchCriteriaId": "E1D36687-32AF-43E2-97D9-FDF602F89318",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "DD80ADF4-35D3-4534-AACD-C00D80870723",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1:*:*:*:express:*:*:*",
              "matchCriteriaId": "8D274B00-C986-4A5D-94B2-79F4A613D951",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1:*:*:*:workgroup:*:*:*",
              "matchCriteriaId": "67A935CA-7AF6-4DA9-958E-DF4BC8E2B3BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5:*:*:*:advanced_enterprise:*:*:*",
              "matchCriteriaId": "A6B1A4DC-7062-4349-8D1A-3DE4B0E68FC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5:*:*:*:advanced_workgroup:*:*:*",
              "matchCriteriaId": "B3681F43-F23B-413D-B871-A40821F4988B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "AE645126-ECD0-40FB-B2BA-5C9EF33EBE69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5:*:*:*:express:*:*:*",
              "matchCriteriaId": "9AFEA656-426C-4F18-9737-8985531C7A93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5:*:*:*:workgroup:*:*:*",
              "matchCriteriaId": "09B0333F-0E27-40B3-A0DC-618BEA97CBC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:11.1:*:*:*:advanced_enterprise:*:*:*",
              "matchCriteriaId": "56AA8839-8926-40F1-BB9A-AB648DE7F272",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:11.1:*:*:*:advanced_workgroup:*:*:*",
              "matchCriteriaId": "6ABE0FCB-8E32-4AB6-A8D8-79159FCDD889",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:11.1:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "5D92ADEC-6ED8-4B07-AB75-204AED0BF896",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:11.1:*:*:*:express:*:*:*",
              "matchCriteriaId": "A2E6CBD8-7DD7-44F7-8F5D-D79074561AB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:11.1:*:*:*:workgroup:*:*:*",
              "matchCriteriaId": "5273074C-9C2F-458C-9333-BD16B59008CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7:*:*:*:application_server:*:*:*",
              "matchCriteriaId": "3F75FF9A-AAAE-4EFA-B698-230B5CCD0940",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "4D38B30C-4CC3-43C9-9360-0A79C36A222F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7:*:*:*:unlimited:*:*:*",
              "matchCriteriaId": "3599AC98-ACD3-4A09-9764-080A6B8F56A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1:*:*:*:application_server:*:*:*",
              "matchCriteriaId": "44010A01-4E33-4A6D-83DE-6235AEEE90F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "F40068BF-82CC-43D5-99BC-1228337995FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1:*:*:*:unlimited:*:*:*",
              "matchCriteriaId": "97626150-FED1-49F7-9CA5-4A5C61A5544C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5:*:*:*:application_server:*:*:*",
              "matchCriteriaId": "C22B49A3-FE14-4677-A141-935AE852E459",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "278FEDCA-CDE6-4EB6-BCD8-B4B0507DC9A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5:*:*:*:unlimited:*:*:*",
              "matchCriteriaId": "B0106414-9BB7-4189-B30E-E5D2B92DCD12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:11.1.0.0:*:*:*:application_server:*:*:*",
              "matchCriteriaId": "38EB6F60-D89E-4594-A323-3F9A7751E2D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:11.1.0.0:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "6A60F310-FB14-4B46-8ECE-310B6690FD7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:11.1.0.0:*:*:*:unlimited:*:*:*",
              "matchCriteriaId": "E80151B7-9F69-428F-9689-78FF8F24BF61",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) is vulnerable to a stack-based buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code. IBM X-Force ID: 125159."
    },
    {
      "lang": "es",
      "value": "IBM DB2 para Linux, Unix y Windows 9.2, 10.1, 10.5 y 11.1 (incluido DB2 Connect Server) es vulnerable a un buffer overflow basado en pila --stack-- causado por una inapropiada verificaci\u00f3n de l\u00edmites lo que podr\u00eda permitir a un atacante local ejecutar c\u00f3digo aleatorio."
    }
  ],
  "id": "CVE-2017-1297",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.4,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.3,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.3,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-06-27T16:29:00.417",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg22004878"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/99271"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www.securitytracker.com/id/1038772"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/125159"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "https://www.exploit-db.com/exploits/42260/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg22004878"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/99271"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1038772"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/125159"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.exploit-db.com/exploits/42260/"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2017-1105

Vulnerability from fkie_nvd - Published: 2017-06-27 16:29 - Updated: 2025-04-20 01:37

Severity ?

7.1 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Summary

IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) is vulnerable to a buffer overflow that could allow a local user to overwrite DB2 files or cause a denial of service. IBM X-Force ID: 120668.

References

URL	Tags
psirt@us.ibm.com	http://www.ibm.com/support/docview.wss?uid=swg22003877	Patch, Vendor Advisory
psirt@us.ibm.com	http://www.securityfocus.com/bid/99264	Third Party Advisory, VDB Entry
psirt@us.ibm.com	http://www.securitytracker.com/id/1038773
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/120668	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ibm.com/support/docview.wss?uid=swg22003877	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/99264	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1038773
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/120668	Vendor Advisory

Impacted products

Vendor	Product	Version
ibm	data_server_client	-
ibm	data_server_driver_for_odbc_and_cli	-
ibm	data_server_driver_package	-
ibm	data_server_runtime_client	-
ibm	db2	9.7
ibm	db2	9.7
ibm	db2	9.7
ibm	db2	9.7
ibm	db2	9.7
ibm	db2	10.1
ibm	db2	10.1
ibm	db2	10.1
ibm	db2	10.1
ibm	db2	10.1
ibm	db2	10.5
ibm	db2	10.5
ibm	db2	10.5
ibm	db2	10.5
ibm	db2	10.5
ibm	db2	11.1
ibm	db2	11.1
ibm	db2	11.1
ibm	db2	11.1
ibm	db2	11.1
ibm	db2_connect	9.7
ibm	db2_connect	9.7
ibm	db2_connect	9.7
ibm	db2_connect	10.1
ibm	db2_connect	10.1
ibm	db2_connect	10.1
ibm	db2_connect	10.5
ibm	db2_connect	10.5
ibm	db2_connect	10.5
ibm	db2_connect	11.1.0.0
ibm	db2_connect	11.1.0.0
ibm	db2_connect	11.1.0.0
linux	linux_kernel	-
microsoft	windows	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:data_server_client:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DDE6939-06D6-4DD1-BE95-E0724B72AC05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:data_server_driver_for_odbc_and_cli:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "710BA2FD-B8AD-4D5A-8626-5C5AB64F2989",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:data_server_driver_package:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FAA3FCC-ED16-4FAC-ACFB-AD9C87E98FF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:data_server_runtime_client:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8021311A-FAFB-4AE7-8EEC-4D4E1C29F9B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7:*:*:*:advanced_enterprise:*:*:*",
              "matchCriteriaId": "3D9E7D2A-42B9-4D07-A107-BBD839E59858",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7:*:*:*:advanced_workgroup:*:*:*",
              "matchCriteriaId": "FD27164C-7554-46E1-B755-27C74D2EC3B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "F199F7B4-F273-4D45-AE08-7B5DAE6E0794",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7:*:*:*:express:*:*:*",
              "matchCriteriaId": "ACEB3F4A-6411-4456-9B89-A43562189BD3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7:*:*:*:workgroup:*:*:*",
              "matchCriteriaId": "1749B7DC-08BB-474B-BA5A-52602459C8EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1:*:*:*:advanced_enterprise:*:*:*",
              "matchCriteriaId": "2ECC11D3-7D77-4823-8B34-DD76E131D74C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1:*:*:*:advanced_workgroup:*:*:*",
              "matchCriteriaId": "E1D36687-32AF-43E2-97D9-FDF602F89318",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "DD80ADF4-35D3-4534-AACD-C00D80870723",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1:*:*:*:express:*:*:*",
              "matchCriteriaId": "8D274B00-C986-4A5D-94B2-79F4A613D951",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1:*:*:*:workgroup:*:*:*",
              "matchCriteriaId": "67A935CA-7AF6-4DA9-958E-DF4BC8E2B3BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5:*:*:*:advanced_enterprise:*:*:*",
              "matchCriteriaId": "A6B1A4DC-7062-4349-8D1A-3DE4B0E68FC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5:*:*:*:advanced_workgroup:*:*:*",
              "matchCriteriaId": "B3681F43-F23B-413D-B871-A40821F4988B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "AE645126-ECD0-40FB-B2BA-5C9EF33EBE69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5:*:*:*:express:*:*:*",
              "matchCriteriaId": "9AFEA656-426C-4F18-9737-8985531C7A93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5:*:*:*:workgroup:*:*:*",
              "matchCriteriaId": "09B0333F-0E27-40B3-A0DC-618BEA97CBC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:11.1:*:*:*:advanced_enterprise:*:*:*",
              "matchCriteriaId": "56AA8839-8926-40F1-BB9A-AB648DE7F272",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:11.1:*:*:*:advanced_workgroup:*:*:*",
              "matchCriteriaId": "6ABE0FCB-8E32-4AB6-A8D8-79159FCDD889",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:11.1:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "5D92ADEC-6ED8-4B07-AB75-204AED0BF896",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:11.1:*:*:*:express:*:*:*",
              "matchCriteriaId": "A2E6CBD8-7DD7-44F7-8F5D-D79074561AB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:11.1:*:*:*:workgroup:*:*:*",
              "matchCriteriaId": "5273074C-9C2F-458C-9333-BD16B59008CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7:*:*:*:application_server:*:*:*",
              "matchCriteriaId": "3F75FF9A-AAAE-4EFA-B698-230B5CCD0940",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "4D38B30C-4CC3-43C9-9360-0A79C36A222F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7:*:*:*:unlimited:*:*:*",
              "matchCriteriaId": "3599AC98-ACD3-4A09-9764-080A6B8F56A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1:*:*:*:application_server:*:*:*",
              "matchCriteriaId": "44010A01-4E33-4A6D-83DE-6235AEEE90F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "F40068BF-82CC-43D5-99BC-1228337995FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1:*:*:*:unlimited:*:*:*",
              "matchCriteriaId": "97626150-FED1-49F7-9CA5-4A5C61A5544C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5:*:*:*:application_server:*:*:*",
              "matchCriteriaId": "C22B49A3-FE14-4677-A141-935AE852E459",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "278FEDCA-CDE6-4EB6-BCD8-B4B0507DC9A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5:*:*:*:unlimited:*:*:*",
              "matchCriteriaId": "B0106414-9BB7-4189-B30E-E5D2B92DCD12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:11.1.0.0:*:*:*:application_server:*:*:*",
              "matchCriteriaId": "38EB6F60-D89E-4594-A323-3F9A7751E2D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:11.1.0.0:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "6A60F310-FB14-4B46-8ECE-310B6690FD7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:11.1.0.0:*:*:*:unlimited:*:*:*",
              "matchCriteriaId": "E80151B7-9F69-428F-9689-78FF8F24BF61",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) is vulnerable to a buffer overflow that could allow a local user to overwrite DB2 files or cause a denial of service. IBM X-Force ID: 120668."
    },
    {
      "lang": "es",
      "value": "IBM DB2 para Linux, UNIX y Windows 9.2, 10,1, 10.5 y 11.1 (incluido DB2 Connect Server) es vulnerable a un desbordamiento de b\u00fafer que podr\u00eda permitir que un usuario local sobrescriba archivos DB2 o provoque una denegaci\u00f3n de servicio (DoS). IBM X-Force ID: 120668."
    }
  ],
  "id": "CVE-2017-1105",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 3.6,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-06-27T16:29:00.323",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg22003877"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/99264"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www.securitytracker.com/id/1038773"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/120668"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg22003877"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/99264"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1038773"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/120668"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2016-5995

Vulnerability from fkie_nvd - Published: 2016-10-01 01:59 - Updated: 2025-04-12 10:46

Severity ?

7.3 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Summary

Untrusted search path vulnerability in IBM DB2 9.7 through FP11, 10.1 through FP5, 10.5 before FP8, and 11.1 GA on Linux, AIX, and HP-UX allows local users to gain privileges via a Trojan horse library that is accessed by a setuid or setgid program.

References

URL	Tags
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg1IT16921	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg1IT17010	Permissions Required
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg1IT17011	Permissions Required
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg1IT17012	Permissions Required
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21990061	Patch, Vendor Advisory
psirt@us.ibm.com	http://www.securityfocus.com/bid/93012
psirt@us.ibm.com	http://www.securitytracker.com/id/1036837
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IT16921	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IT17010	Permissions Required
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IT17011	Permissions Required
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IT17012	Permissions Required
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21990061	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/93012
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1036837

Impacted products

Vendor	Product	Version
ibm	db2	9.7
ibm	db2	9.7
ibm	db2	9.7
ibm	db2	9.7
ibm	db2	9.7
ibm	db2	9.7
ibm	db2	9.7.0.1
ibm	db2	9.7.0.1
ibm	db2	9.7.0.1
ibm	db2	9.7.0.1
ibm	db2	9.7.0.1
ibm	db2	9.7.0.1
ibm	db2	9.7.0.2
ibm	db2	9.7.0.2
ibm	db2	9.7.0.2
ibm	db2	9.7.0.2
ibm	db2	9.7.0.2
ibm	db2	9.7.0.2
ibm	db2	9.7.0.3
ibm	db2	9.7.0.3
ibm	db2	9.7.0.3
ibm	db2	9.7.0.3
ibm	db2	9.7.0.3
ibm	db2	9.7.0.3
ibm	db2	9.7.0.4
ibm	db2	9.7.0.4
ibm	db2	9.7.0.4
ibm	db2	9.7.0.4
ibm	db2	9.7.0.4
ibm	db2	9.7.0.4
ibm	db2	9.7.0.5
ibm	db2	9.7.0.5
ibm	db2	9.7.0.5
ibm	db2	9.7.0.5
ibm	db2	9.7.0.5
ibm	db2	9.7.0.5
ibm	db2	9.7.0.6
ibm	db2	9.7.0.6
ibm	db2	9.7.0.6
ibm	db2	9.7.0.6
ibm	db2	9.7.0.6
ibm	db2	9.7.0.6
ibm	db2	9.7.0.7
ibm	db2	9.7.0.7
ibm	db2	9.7.0.7
ibm	db2	9.7.0.7
ibm	db2	9.7.0.7
ibm	db2	9.7.0.7
ibm	db2	9.7.0.8
ibm	db2	9.7.0.8
ibm	db2	9.7.0.8
ibm	db2	9.7.0.8
ibm	db2	9.7.0.8
ibm	db2	9.7.0.8
ibm	db2	9.7.0.9
ibm	db2	9.7.0.9
ibm	db2	9.7.0.9
ibm	db2	9.7.0.9
ibm	db2	9.7.0.9
ibm	db2	9.7.0.9
ibm	db2	9.7.0.10
ibm	db2	9.7.0.10
ibm	db2	9.7.0.10
ibm	db2	9.7.0.10
ibm	db2	9.7.0.10
ibm	db2	9.7.0.10
ibm	db2	9.7.0.11
ibm	db2	9.7.0.11
ibm	db2	9.7.0.11
ibm	db2	9.7.0.11
ibm	db2	9.7.0.11
ibm	db2	9.7.0.11
ibm	db2	10.1
ibm	db2	10.1
ibm	db2	10.1
ibm	db2	10.1
ibm	db2	10.1
ibm	db2	10.1
ibm	db2	10.1.0.1
ibm	db2	10.1.0.1
ibm	db2	10.1.0.1
ibm	db2	10.1.0.1
ibm	db2	10.1.0.1
ibm	db2	10.1.0.1
ibm	db2	10.1.0.2
ibm	db2	10.1.0.2
ibm	db2	10.1.0.2
ibm	db2	10.1.0.2
ibm	db2	10.1.0.2
ibm	db2	10.1.0.2
ibm	db2	10.1.0.3
ibm	db2	10.1.0.3
ibm	db2	10.1.0.3
ibm	db2	10.1.0.3
ibm	db2	10.1.0.3
ibm	db2	10.1.0.3
ibm	db2	10.1.0.4
ibm	db2	10.1.0.4
ibm	db2	10.1.0.4
ibm	db2	10.1.0.4
ibm	db2	10.1.0.4
ibm	db2	10.1.0.4
ibm	db2	10.1.0.5
ibm	db2	10.1.0.5
ibm	db2	10.1.0.5
ibm	db2	10.1.0.5
ibm	db2	10.1.0.5
ibm	db2	10.1.0.5
ibm	db2	10.5
ibm	db2	10.5
ibm	db2	10.5
ibm	db2	10.5
ibm	db2	10.5
ibm	db2	10.5
ibm	db2	10.5.0.1
ibm	db2	10.5.0.1
ibm	db2	10.5.0.1
ibm	db2	10.5.0.1
ibm	db2	10.5.0.1
ibm	db2	10.5.0.1
ibm	db2	10.5.0.2
ibm	db2	10.5.0.2
ibm	db2	10.5.0.2
ibm	db2	10.5.0.2
ibm	db2	10.5.0.2
ibm	db2	10.5.0.2
ibm	db2	10.5.0.3
ibm	db2	10.5.0.3
ibm	db2	10.5.0.3
ibm	db2	10.5.0.3
ibm	db2	10.5.0.3
ibm	db2	10.5.0.3
ibm	db2	10.5.0.4
ibm	db2	10.5.0.4
ibm	db2	10.5.0.4
ibm	db2	10.5.0.4
ibm	db2	10.5.0.4
ibm	db2	10.5.0.4
ibm	db2	10.5.0.5
ibm	db2	10.5.0.5
ibm	db2	10.5.0.5
ibm	db2	10.5.0.5
ibm	db2	10.5.0.5
ibm	db2	10.5.0.5
ibm	db2	10.5.0.6
ibm	db2	10.5.0.6
ibm	db2	10.5.0.6
ibm	db2	10.5.0.6
ibm	db2	10.5.0.6
ibm	db2	10.5.0.6
ibm	db2	10.5.0.7
ibm	db2	10.5.0.7
ibm	db2	10.5.0.7
ibm	db2	10.5.0.7
ibm	db2	10.5.0.7
ibm	db2	10.5.0.7
ibm	db2	11.1.0.0
ibm	db2	11.1.0.0
ibm	db2	11.1.0.0
ibm	db2	11.1.0.0
ibm	db2	11.1.0.0
ibm	db2	11.1.0.0
ibm	db2_connect	9.7
ibm	db2_connect	9.7
ibm	db2_connect	9.7
ibm	db2_connect	9.7.0.1
ibm	db2_connect	9.7.0.1
ibm	db2_connect	9.7.0.1
ibm	db2_connect	9.7.0.2
ibm	db2_connect	9.7.0.2
ibm	db2_connect	9.7.0.2
ibm	db2_connect	9.7.0.3
ibm	db2_connect	9.7.0.3
ibm	db2_connect	9.7.0.3
ibm	db2_connect	9.7.0.4
ibm	db2_connect	9.7.0.4
ibm	db2_connect	9.7.0.4
ibm	db2_connect	9.7.0.5
ibm	db2_connect	9.7.0.5
ibm	db2_connect	9.7.0.5
ibm	db2_connect	9.7.0.6
ibm	db2_connect	9.7.0.6
ibm	db2_connect	9.7.0.6
ibm	db2_connect	9.7.0.7
ibm	db2_connect	9.7.0.7
ibm	db2_connect	9.7.0.7
ibm	db2_connect	9.7.0.8
ibm	db2_connect	9.7.0.8
ibm	db2_connect	9.7.0.8
ibm	db2_connect	9.7.0.9
ibm	db2_connect	9.7.0.9
ibm	db2_connect	9.7.0.9
ibm	db2_connect	9.7.0.10
ibm	db2_connect	9.7.0.10
ibm	db2_connect	9.7.0.10
ibm	db2_connect	9.7.0.11
ibm	db2_connect	9.7.0.11
ibm	db2_connect	9.7.0.11
ibm	db2_connect	10.1
ibm	db2_connect	10.1
ibm	db2_connect	10.1
ibm	db2_connect	10.1.0.1
ibm	db2_connect	10.1.0.1
ibm	db2_connect	10.1.0.1
ibm	db2_connect	10.1.0.2
ibm	db2_connect	10.1.0.2
ibm	db2_connect	10.1.0.2
ibm	db2_connect	10.1.0.3
ibm	db2_connect	10.1.0.3
ibm	db2_connect	10.1.0.3
ibm	db2_connect	10.1.0.4
ibm	db2_connect	10.1.0.4
ibm	db2_connect	10.1.0.4
ibm	db2_connect	10.1.0.5
ibm	db2_connect	10.1.0.5
ibm	db2_connect	10.1.0.5
ibm	db2_connect	10.5
ibm	db2_connect	10.5
ibm	db2_connect	10.5
ibm	db2_connect	10.5.0.1
ibm	db2_connect	10.5.0.1
ibm	db2_connect	10.5.0.1
ibm	db2_connect	10.5.0.2
ibm	db2_connect	10.5.0.2
ibm	db2_connect	10.5.0.2
ibm	db2_connect	10.5.0.3
ibm	db2_connect	10.5.0.3
ibm	db2_connect	10.5.0.3
ibm	db2_connect	10.5.0.4
ibm	db2_connect	10.5.0.4
ibm	db2_connect	10.5.0.4
ibm	db2_connect	10.5.0.5
ibm	db2_connect	10.5.0.5
ibm	db2_connect	10.5.0.5
ibm	db2_connect	10.5.0.6
ibm	db2_connect	10.5.0.6
ibm	db2_connect	10.5.0.6
ibm	db2_connect	10.5.0.7
ibm	db2_connect	10.5.0.7
ibm	db2_connect	10.5.0.7
ibm	db2_connect	11.1.0.0
ibm	db2_connect	11.1.0.0
ibm	db2_connect	11.1.0.0
hp	hp-ux	*
ibm	aix	*
linux	linux_kernel	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE1C4DE6-EB32-4A31-9FAA-D8DA31D8CF05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7:*:*:*:advanced_enterprise:*:*:*",
              "matchCriteriaId": "3D9E7D2A-42B9-4D07-A107-BBD839E59858",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7:*:*:*:advanced_workgroup:*:*:*",
              "matchCriteriaId": "FD27164C-7554-46E1-B755-27C74D2EC3B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "F199F7B4-F273-4D45-AE08-7B5DAE6E0794",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7:*:*:*:express:*:*:*",
              "matchCriteriaId": "ACEB3F4A-6411-4456-9B89-A43562189BD3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7:*:*:*:workgroup:*:*:*",
              "matchCriteriaId": "1749B7DC-08BB-474B-BA5A-52602459C8EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8A8E221-7045-4BAD-9B29-ABBC5216559D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.1:*:*:*:advanced_enterprise:*:*:*",
              "matchCriteriaId": "178CD2CC-B0D6-4F9B-A831-A2ACCB7A84A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.1:*:*:*:advanced_workgroup:*:*:*",
              "matchCriteriaId": "21A98521-C943-4161-A363-B7B95BDA9834",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.1:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "C214C846-04C9-4F22-A7D3-0198D9DC7F72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.1:*:*:*:express:*:*:*",
              "matchCriteriaId": "D6A59399-CBAB-47F2-A10B-30AAD4CBB155",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.1:*:*:*:workgroup:*:*:*",
              "matchCriteriaId": "F7517329-D20E-47F1-95F1-77B8F5675D65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "56C39DC1-AD23-4F26-9727-EC0FBDF84BEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.2:*:*:*:advanced_enterprise:*:*:*",
              "matchCriteriaId": "72FA0609-7995-4424-A8C9-B804300D54DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.2:*:*:*:advanced_workgroup:*:*:*",
              "matchCriteriaId": "BE75DDE9-58B4-4851-A1B2-65CB8E877C51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.2:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "8ADE94C4-769A-4AAE-A5FB-55575016D51A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.2:*:*:*:express:*:*:*",
              "matchCriteriaId": "63999EAB-82B3-4617-B81D-57B1230CC8D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.2:*:*:*:workgroup:*:*:*",
              "matchCriteriaId": "F97D1D66-0CC4-4CB4-AEEC-1A89825430B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2513D42C-E558-4CC7-88D3-BB44F1B40157",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.3:*:*:*:advanced_enterprise:*:*:*",
              "matchCriteriaId": "654ADB90-BD74-4D48-AACA-6A5872188489",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.3:*:*:*:advanced_workgroup:*:*:*",
              "matchCriteriaId": "CB725265-78B3-46C2-8440-D0774E1546E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.3:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "1E62C8AD-00D0-4D01-89A2-5C167EFA01BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.3:*:*:*:express:*:*:*",
              "matchCriteriaId": "286FE494-777D-4833-8155-73EBFE5FE9F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.3:*:*:*:workgroup:*:*:*",
              "matchCriteriaId": "75A10653-BDF2-400F-9BE6-D97D206FA05B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F441BE8-AEC0-44F0-875E-03C65A45CF68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.4:*:*:*:advanced_enterprise:*:*:*",
              "matchCriteriaId": "969490BD-E0E7-4084-B7DE-4E1F8A577A3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.4:*:*:*:advanced_workgroup:*:*:*",
              "matchCriteriaId": "AA58137A-A4CA-4599-89A7-7ECFFEC6FD21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.4:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "73419A77-34EC-405D-A0DD-F74038A9AA55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.4:*:*:*:express:*:*:*",
              "matchCriteriaId": "E7AFFD68-912E-4EC3-8BD3-AFB0FF2ED35B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.4:*:*:*:workgroup:*:*:*",
              "matchCriteriaId": "53AF9275-862F-4B16-B396-644A4274F59C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "036E9715-CFAA-4F2A-B432-181EDCA3D812",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.5:*:*:*:advanced_enterprise:*:*:*",
              "matchCriteriaId": "15800A2B-0F00-41A6-984F-B240A8808EB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.5:*:*:*:advanced_workgroup:*:*:*",
              "matchCriteriaId": "A3CF9276-2F50-4276-9599-4C1FACDD5FDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.5:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "2F894A3D-A9A5-4031-B06A-967659941B4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.5:*:*:*:express:*:*:*",
              "matchCriteriaId": "C86BD01F-EDC8-4DF8-B9ED-5FBB73CFF207",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.5:*:*:*:workgroup:*:*:*",
              "matchCriteriaId": "15BBE131-F21A-4B7F-B9B7-364EF4030881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A55FBA0-4DFC-493D-91EF-EB56C241F9CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.6:*:*:*:advanced_enterprise:*:*:*",
              "matchCriteriaId": "A390F0B7-D555-4C97-B15B-AC6A43787E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.6:*:*:*:advanced_workgroup:*:*:*",
              "matchCriteriaId": "F90DFB7F-6814-4B10-B7C7-E237464D3D78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.6:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "4F5EAB4D-E6C3-4D39-AD82-DEFBB53919EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.6:*:*:*:express:*:*:*",
              "matchCriteriaId": "48334AA6-4F27-4E4B-A18A-264654225886",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.6:*:*:*:workgroup:*:*:*",
              "matchCriteriaId": "62F74620-7648-4EC9-8677-E9454B8EAB17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B539123F-B8AC-4051-9458-A780C68E9667",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.7:*:*:*:advanced_enterprise:*:*:*",
              "matchCriteriaId": "F120F1BA-E1CA-4334-B9D4-E8AD3DAFC713",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.7:*:*:*:advanced_workgroup:*:*:*",
              "matchCriteriaId": "7AA3EE6C-8312-403B-84E6-DBD7510DBE3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.7:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "2074CA1A-BB2A-4F60-8547-0A39BEDD09F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.7:*:*:*:express:*:*:*",
              "matchCriteriaId": "72EB4294-534E-4AE1-8F29-E0D135E1E7F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.7:*:*:*:workgroup:*:*:*",
              "matchCriteriaId": "D5AF5C44-3736-4FA0-BA19-2845F57BB043",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3958E50-1F97-4C06-AF22-C635FB2557A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.8:*:*:*:advanced_enterprise:*:*:*",
              "matchCriteriaId": "7FBF2CE1-BF7E-4635-A4C2-B8F5F2338161",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.8:*:*:*:advanced_workgroup:*:*:*",
              "matchCriteriaId": "296B7182-3453-47D1-B54A-C2D1336424B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.8:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "AABD6673-F7A6-486A-A83E-89F0172311ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.8:*:*:*:express:*:*:*",
              "matchCriteriaId": "5A1D1E23-2979-4188-B12D-66CF0F681354",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.8:*:*:*:workgroup:*:*:*",
              "matchCriteriaId": "9B31EAB3-D885-452A-93B2-22A3F94FEB08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "57AC4D14-805A-42F6-9348-D13C9A48136F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.9:*:*:*:advanced_enterprise:*:*:*",
              "matchCriteriaId": "BE50990D-E66E-4A19-88D8-7B5CB5CA4A08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.9:*:*:*:advanced_workgroup:*:*:*",
              "matchCriteriaId": "FD0EE0C0-B089-4A2A-8438-3F31BA1CCB3C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.9:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "E76E023D-7784-4B6C-BD01-534CAF5593D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.9:*:*:*:express:*:*:*",
              "matchCriteriaId": "22406FC8-D248-4F29-9ACC-C5F759EC6FC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.9:*:*:*:workgroup:*:*:*",
              "matchCriteriaId": "5640DC5A-2C5E-4B17-95D9-5FBCF73A5C66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B54C55B-9288-4E04-B0D6-6765E5217DFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.10:*:*:*:advanced_enterprise:*:*:*",
              "matchCriteriaId": "31215FF9-5DEC-4B2B-86C3-1ADE658F6B04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.10:*:*:*:advanced_workgroup:*:*:*",
              "matchCriteriaId": "B39D6D16-6B10-4C87-BFA4-981ABD4DFD88",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.10:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "C8640FCE-EA72-43BD-939A-AF48E1B534C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.10:*:*:*:express:*:*:*",
              "matchCriteriaId": "F926754F-71A8-4570-B5F7-38C7F1F9C464",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.10:*:*:*:workgroup:*:*:*",
              "matchCriteriaId": "4E028577-7C4C-4091-81F4-7872CC6F2E5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA99C5A3-D43E-4942-AE87-8DA46FCDCD47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.11:*:*:*:advanced_enterprise:*:*:*",
              "matchCriteriaId": "5A3E5BD5-6C94-4128-BA0B-1F434E185746",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.11:*:*:*:advanced_workgroup:*:*:*",
              "matchCriteriaId": "D608FE25-68DB-4436-9C30-14B2D509F7D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.11:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "7647800B-5603-42A4-8CBC-6A0BA228F1D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.11:*:*:*:express:*:*:*",
              "matchCriteriaId": "95C63204-F838-4CE4-B98C-21461E8028D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7.0.11:*:*:*:workgroup:*:*:*",
              "matchCriteriaId": "938864B9-44D0-47E6-9961-9C4474AC6643",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2952EB24-A015-4EC7-85E3-88588D0AB15B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1:*:*:*:advanced_enterprise:*:*:*",
              "matchCriteriaId": "2ECC11D3-7D77-4823-8B34-DD76E131D74C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1:*:*:*:advanced_workgroup:*:*:*",
              "matchCriteriaId": "E1D36687-32AF-43E2-97D9-FDF602F89318",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "DD80ADF4-35D3-4534-AACD-C00D80870723",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1:*:*:*:express:*:*:*",
              "matchCriteriaId": "8D274B00-C986-4A5D-94B2-79F4A613D951",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1:*:*:*:workgroup:*:*:*",
              "matchCriteriaId": "67A935CA-7AF6-4DA9-958E-DF4BC8E2B3BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5FA4086-9B5D-4352-B717-3F826DE17D4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.1:*:*:*:advanced_enterprise:*:*:*",
              "matchCriteriaId": "D3396279-1384-42C7-AE23-9C22027BF849",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.1:*:*:*:advanced_workgroup:*:*:*",
              "matchCriteriaId": "2B41AD1A-4EC2-4FB9-BE50-07F4EA8DB52A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.1:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "08B19729-1FF1-4253-9C76-707357FC3085",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.1:*:*:*:express:*:*:*",
              "matchCriteriaId": "84283835-03F9-496B-B22F-C201BB53F9CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.1:*:*:*:workgroup:*:*:*",
              "matchCriteriaId": "221885F3-AD20-46B4-983F-51349493B259",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD79FF24-6C10-437B-86AF-E211B8C6FDC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.2:*:*:*:advanced_enterprise:*:*:*",
              "matchCriteriaId": "92E3C74F-6764-4D96-B5BC-2395B95F8A8D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.2:*:*:*:advanced_workgroup:*:*:*",
              "matchCriteriaId": "2811974B-5CBD-4A14-8309-6FAC942B36EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.2:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "957BCDB3-D975-451D-8EB8-B06BFDF22AAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.2:*:*:*:express:*:*:*",
              "matchCriteriaId": "2F46AA23-B030-4752-9B23-0B84A9A9D849",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.2:*:*:*:workgroup:*:*:*",
              "matchCriteriaId": "EB7647F0-40F1-4861-8F5A-7A60D0406171",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ABB145C-44EE-47F5-9439-DE6433F8008E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.3:*:*:*:advanced_enterprise:*:*:*",
              "matchCriteriaId": "B7B3A7E6-72C8-48AF-85D7-2D8B47545E41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.3:*:*:*:advanced_workgroup:*:*:*",
              "matchCriteriaId": "9385C154-3FE2-4C9B-ABB2-E0AC9D32F410",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.3:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "8B05B2E7-77DB-4C2A-8FB0-81AE7424573E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.3:*:*:*:express:*:*:*",
              "matchCriteriaId": "66361477-AF76-4C7B-A400-473448F48C3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.3:*:*:*:workgroup:*:*:*",
              "matchCriteriaId": "C5F04C50-77EB-4D29-B17A-B6962BB71A95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F138E08-6808-4371-9E9C-096B01126B1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.4:*:*:*:advanced_enterprise:*:*:*",
              "matchCriteriaId": "DE8DB42E-633E-483A-84F0-404900E9CEA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.4:*:*:*:advanced_workgroup:*:*:*",
              "matchCriteriaId": "70CA5418-9B60-4972-B38E-12560C3ADFA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.4:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "71990C6B-6942-4319-90A2-19F5ED136B14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.4:*:*:*:express:*:*:*",
              "matchCriteriaId": "CF3CB891-AE62-4E0E-926A-7355554E022E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.4:*:*:*:workgroup:*:*:*",
              "matchCriteriaId": "57513E4A-AC67-4DC3-8FAD-309BBEF64360",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "813AE6CA-39B5-448C-8781-F2C3B499160A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.5:*:*:*:advanced_enterprise:*:*:*",
              "matchCriteriaId": "B3F57784-9A43-4B4B-8910-C8509CF92EBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.5:*:*:*:advanced_workgroup:*:*:*",
              "matchCriteriaId": "DE19053A-9DE6-40AA-BFAA-CE98AB1360F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.5:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "456DF2B9-1107-4F4B-BF8E-2CCCAC5CFCC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.5:*:*:*:express:*:*:*",
              "matchCriteriaId": "73776FA2-6E94-49FF-AE08-6A4767C1DC30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.1.0.5:*:*:*:workgroup:*:*:*",
              "matchCriteriaId": "B60627D6-FBB6-492A-B7FF-2733EA1E8F89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E232F83-BE4C-4B3E-A5B1-53F9D95F0368",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5:*:*:*:advanced_enterprise:*:*:*",
              "matchCriteriaId": "A6B1A4DC-7062-4349-8D1A-3DE4B0E68FC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5:*:*:*:advanced_workgroup:*:*:*",
              "matchCriteriaId": "B3681F43-F23B-413D-B871-A40821F4988B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "AE645126-ECD0-40FB-B2BA-5C9EF33EBE69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5:*:*:*:express:*:*:*",
              "matchCriteriaId": "9AFEA656-426C-4F18-9737-8985531C7A93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5:*:*:*:workgroup:*:*:*",
              "matchCriteriaId": "09B0333F-0E27-40B3-A0DC-618BEA97CBC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B27E1F7-888C-40EE-85FF-B5DC099828C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.1:*:*:*:advanced_enterprise:*:*:*",
              "matchCriteriaId": "C66D33C1-8FB6-4840-8797-A0A8822BA657",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.1:*:*:*:advanced_workgroup:*:*:*",
              "matchCriteriaId": "B271D557-5CDE-4B23-AEC3-BEAFA0DD8020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.1:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "61CB1EB7-4012-491F-AE13-EDAE4B3F564D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.1:*:*:*:express:*:*:*",
              "matchCriteriaId": "DCAB0313-EC4D-41BB-AE87-27DADC448DD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.1:*:*:*:workgroup:*:*:*",
              "matchCriteriaId": "2C8493DA-57EB-44C8-A47F-519B5A716CD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "57DCF076-B475-41E6-B1ED-44FBC99238C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.2:*:*:*:advanced_enterprise:*:*:*",
              "matchCriteriaId": "C59A77F7-10AD-4149-BCAB-44E0C3BD0477",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.2:*:*:*:advanced_workgroup:*:*:*",
              "matchCriteriaId": "53158B7F-3D69-4ED0-AFA8-053AE0DD36C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.2:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "D9F12837-B444-43D8-BE8B-6723C079D148",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.2:*:*:*:express:*:*:*",
              "matchCriteriaId": "ACDBAE00-B031-4C48-8CD5-B1EAEAC6371A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.2:*:*:*:workgroup:*:*:*",
              "matchCriteriaId": "05C71242-D201-49CF-A091-A2400BAB7F45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDB1972D-F7FC-4ABA-9DEE-9953D2572944",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.3:*:*:*:advanced_enterprise:*:*:*",
              "matchCriteriaId": "2D4622F5-4384-4B62-84E6-AFB01B26717C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.3:*:*:*:advanced_workgroup:*:*:*",
              "matchCriteriaId": "E59FE93E-A983-4F55-8C40-DC0F88372185",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.3:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "3BD40599-8F50-4882-AB1F-C6E4BA7E787D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.3:*:*:*:express:*:*:*",
              "matchCriteriaId": "F04F901A-A846-4E45-8F48-C4D5F86CDFF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.3:*:*:*:workgroup:*:*:*",
              "matchCriteriaId": "9D0D0938-DD1F-46F3-BF06-72C6BA85195C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D276299-D403-4C41-ACBF-A23383CB3FD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.4:*:*:*:advanced_enterprise:*:*:*",
              "matchCriteriaId": "D10F4882-F09F-449E-BB46-8532FC7E667F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.4:*:*:*:advanced_workgroup:*:*:*",
              "matchCriteriaId": "32618EBA-B913-4DA9-801D-24ED735D50A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.4:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "4C1C6574-18E1-4FBC-B78D-788910659710",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.4:*:*:*:express:*:*:*",
              "matchCriteriaId": "6A03EEE1-E6F3-44B1-B2F4-B1C48F155BD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.4:*:*:*:workgroup:*:*:*",
              "matchCriteriaId": "8A5BB979-A1A2-4C1B-879E-8EB96026C7CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5830263A-6970-43B8-BF08-2886327004A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.5:*:*:*:advanced_enterprise:*:*:*",
              "matchCriteriaId": "9B6725E8-476E-41DA-AC46-B898467FE553",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.5:*:*:*:advanced_workgroup:*:*:*",
              "matchCriteriaId": "9AF7330E-EAA4-4063-879D-9DC5B7505EAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.5:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "73EF53E9-B6C9-4A8F-8EE9-4D190DA686BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.5:*:*:*:express:*:*:*",
              "matchCriteriaId": "F98A9F67-78B0-40E5-8CAF-37B6B2AA6F03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.5:*:*:*:workgroup:*:*:*",
              "matchCriteriaId": "D7AF250F-8D36-4596-9754-2718EFBA5B39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F67DD01-F0E6-420E-A144-A8DD001BBBA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.6:*:*:*:advanced_enterprise:*:*:*",
              "matchCriteriaId": "6D38B577-3919-4E91-9EBC-A5E247AAED2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.6:*:*:*:advanced_workgroup:*:*:*",
              "matchCriteriaId": "36831245-948F-443F-A231-F4451154E96B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.6:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "89037FB6-8E7D-4E4E-957B-39AC7A7E7693",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.6:*:*:*:express:*:*:*",
              "matchCriteriaId": "382FE250-BD14-4051-9666-4CDDBDF4D6DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.6:*:*:*:workgroup:*:*:*",
              "matchCriteriaId": "376217A0-1D6C-4279-9528-D738920A127F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AA78533-899B-4482-97A7-7E2730C18C7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.7:*:*:*:advanced_enterprise:*:*:*",
              "matchCriteriaId": "88B4D2AF-6831-4B8B-B093-1ECF8A0BABBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.7:*:*:*:advanced_workgroup:*:*:*",
              "matchCriteriaId": "F64EC511-E8E4-459F-99F2-8B0167B3DC7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.7:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "A0D8A2E7-E382-4E9B-A409-0C27C3F6819C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.7:*:*:*:express:*:*:*",
              "matchCriteriaId": "B254202B-1A6C-4506-BE7F-2B746DF1EFA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:10.5.0.7:*:*:*:workgroup:*:*:*",
              "matchCriteriaId": "E7BF68DD-442D-4AA9-9139-A2A0FF903FFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:11.1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E17D042-0EE4-4F81-8E39-D8730D792BCE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:11.1.0.0:*:*:*:advanced_enterprise:*:*:*",
              "matchCriteriaId": "C73FFACA-DFDF-4B02-A6DD-E08A5136828C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:11.1.0.0:*:*:*:advanced_workgroup:*:*:*",
              "matchCriteriaId": "69923E2A-8CB3-48CA-A174-41A02EEC5489",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:11.1.0.0:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "29C6AA03-EE59-4081-B8EC-5A40A431350E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:11.1.0.0:*:*:*:express:*:*:*",
              "matchCriteriaId": "4B3F727A-4103-4BF6-8769-CFA3B243E578",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:11.1.0.0:*:*:*:workgroup:*:*:*",
              "matchCriteriaId": "1839AE37-C445-4E28-AAD9-3CDDF8AED4EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7:*:*:*:application_server:*:*:*",
              "matchCriteriaId": "3F75FF9A-AAAE-4EFA-B698-230B5CCD0940",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "4D38B30C-4CC3-43C9-9360-0A79C36A222F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7:*:*:*:unlimited:*:*:*",
              "matchCriteriaId": "3599AC98-ACD3-4A09-9764-080A6B8F56A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.1:*:*:*:application_server:*:*:*",
              "matchCriteriaId": "C7D25C1C-3560-48B9-A7E1-1E268BDE5A9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.1:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "2E22AE16-1F17-4F1D-8C00-949729FA3A95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.1:*:*:*:unlimited:*:*:*",
              "matchCriteriaId": "B26A6BF8-F321-4EC3-8EE9-1396C0513B55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.2:*:*:*:application_server:*:*:*",
              "matchCriteriaId": "927E9A8F-82B4-4D3B-B800-F1A11A90046E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.2:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "AFD159D3-2FE5-4815-8365-53CC36204B57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.2:*:*:*:unlimited:*:*:*",
              "matchCriteriaId": "524EC7BA-7470-4D09-8796-CAF9D5A85DCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.3:*:*:*:application_server:*:*:*",
              "matchCriteriaId": "D044ABF8-2F9A-4505-9BB7-776A90D647C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.3:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "AB7D388A-456A-490A-9D4B-4AE2BCC871C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.3:*:*:*:unlimited:*:*:*",
              "matchCriteriaId": "A841C615-D049-44CA-BB0E-BCC526535227",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.4:*:*:*:application_server:*:*:*",
              "matchCriteriaId": "D5BE71A5-6298-4E05-859E-153C47C3B032",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.4:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "D8FC0956-2B4D-43E0-ABD7-23915DCA8E01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.4:*:*:*:unlimited:*:*:*",
              "matchCriteriaId": "5528F9F8-80D2-4AA8-B151-FABEABCFFC83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.5:*:*:*:application_server:*:*:*",
              "matchCriteriaId": "113F8614-32BE-4A9E-B770-BE768947C13A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.5:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "77B720B6-E253-4FEE-A9EE-CE4C455FBEBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.5:*:*:*:unlimited:*:*:*",
              "matchCriteriaId": "2A73D3F8-803E-4E75-9E01-8F004C50190B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.6:*:*:*:application_server:*:*:*",
              "matchCriteriaId": "0592E180-F4DC-424F-93A4-4B0C6350C6F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.6:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "DCAE5624-B81B-4253-A416-D2111B10F29F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.6:*:*:*:unlimited:*:*:*",
              "matchCriteriaId": "C662B9B9-D210-484A-9D43-A30585052F31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.7:*:*:*:application_server:*:*:*",
              "matchCriteriaId": "7172F912-E08B-4102-B38D-A3B1671DED62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.7:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "B219F088-3C1D-4468-9990-35D48E3C1092",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.7:*:*:*:unlimited:*:*:*",
              "matchCriteriaId": "FFA270A6-81CD-4D24-B37F-9BE7AD4AC258",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.8:*:*:*:application_server:*:*:*",
              "matchCriteriaId": "7DE842AD-EECE-4CF4-886C-91AF654C7492",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.8:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "6766C050-5775-4C58-BC77-C9B6A8EDF3E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.8:*:*:*:unlimited:*:*:*",
              "matchCriteriaId": "AD9377C9-3F5C-4F9A-92FF-18F3E4312CD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.9:*:*:*:application_server:*:*:*",
              "matchCriteriaId": "5E4899B5-2326-4A30-BE94-E66272B14FCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.9:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "E9EBF086-C6C9-4386-9645-3E97A61ADC8D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.9:*:*:*:unlimited:*:*:*",
              "matchCriteriaId": "DD7C0F7C-7682-49FF-AAA5-C6D59D00214D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.10:*:*:*:application_server:*:*:*",
              "matchCriteriaId": "DF7307CA-59F9-41F9-B7B6-C5EAC6F01883",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.10:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "CAFE61E6-92A6-4409-937A-A3620579EFDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.10:*:*:*:unlimited:*:*:*",
              "matchCriteriaId": "819EB03B-445B-42A5-96D7-56E1D5D21088",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.11:*:*:*:application_server:*:*:*",
              "matchCriteriaId": "32C4BA27-E82C-4453-BC80-22A74568B229",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.11:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "79FEC79B-F178-4D66-97BF-9E6909DB5F82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:9.7.0.11:*:*:*:unlimited:*:*:*",
              "matchCriteriaId": "AB2DA26B-B0DD-4995-86BD-2BC455888415",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1:*:*:*:application_server:*:*:*",
              "matchCriteriaId": "44010A01-4E33-4A6D-83DE-6235AEEE90F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "F40068BF-82CC-43D5-99BC-1228337995FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1:*:*:*:unlimited:*:*:*",
              "matchCriteriaId": "97626150-FED1-49F7-9CA5-4A5C61A5544C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1.0.1:*:*:*:application_server:*:*:*",
              "matchCriteriaId": "C679EB6F-C5C7-4206-B6D4-931D47D99FF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1.0.1:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "C2CB92C8-26B8-4CBE-9B1A-2E32BF22AFAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1.0.1:*:*:*:unlimited:*:*:*",
              "matchCriteriaId": "84266CFB-28C7-4CA6-9019-F5E76BE4B334",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1.0.2:*:*:*:application_server:*:*:*",
              "matchCriteriaId": "3A07AC99-0665-4CF4-A5D3-BDAC0031F4C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1.0.2:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "AD9FB45B-35E8-43B8-B64B-E36EA9B8614E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1.0.2:*:*:*:unlimited:*:*:*",
              "matchCriteriaId": "DF0FDD49-560E-4413-9577-4258A205E24F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1.0.3:*:*:*:application_server:*:*:*",
              "matchCriteriaId": "573E9E55-9192-4DAD-808C-40383043E69E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1.0.3:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "ED4D2143-BE03-43ED-ADBE-2FE007774356",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1.0.3:*:*:*:unlimited:*:*:*",
              "matchCriteriaId": "F7D6A273-8D1A-4D5B-A48C-AEF57CB9EB50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1.0.4:*:*:*:application_server:*:*:*",
              "matchCriteriaId": "6CF6EBC2-4172-4916-A31B-BDE3257C057B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1.0.4:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "115908C3-8273-482A-BA95-60E7A9309E54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1.0.4:*:*:*:unlimited:*:*:*",
              "matchCriteriaId": "F3D6B5E7-63F0-4A6E-992D-05D4A3A4E189",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1.0.5:*:*:*:application_server:*:*:*",
              "matchCriteriaId": "78CF81B1-08BA-4216-9FB1-B5430F0474BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1.0.5:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "73C671CA-712E-485B-97DD-FA6246FAA61F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.1.0.5:*:*:*:unlimited:*:*:*",
              "matchCriteriaId": "FC5837DD-D508-4695-ADF8-2AAE0D853CCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5:*:*:*:application_server:*:*:*",
              "matchCriteriaId": "C22B49A3-FE14-4677-A141-935AE852E459",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "278FEDCA-CDE6-4EB6-BCD8-B4B0507DC9A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5:*:*:*:unlimited:*:*:*",
              "matchCriteriaId": "B0106414-9BB7-4189-B30E-E5D2B92DCD12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.1:*:*:*:application_server:*:*:*",
              "matchCriteriaId": "057148B7-7877-406B-BCCA-4F73EB763E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.1:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "FCE19A5D-FD98-4894-9E3F-402201183C06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.1:*:*:*:unlimited:*:*:*",
              "matchCriteriaId": "657F1C1B-7C19-499A-9E83-5C02E6CCBBF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.2:*:*:*:application_server:*:*:*",
              "matchCriteriaId": "87F1950D-DA81-4FE9-92A7-FFA4C848712C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.2:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "D88F6FBC-E7EC-4DCD-83C2-B97796A8FABE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.2:*:*:*:unlimited:*:*:*",
              "matchCriteriaId": "7C1FDAEF-9898-45BF-B6F8-3B11643E3E21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.3:*:*:*:application_server:*:*:*",
              "matchCriteriaId": "BB04D50F-A3D4-450B-9B54-B01EF5262875",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.3:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "2BFBADE9-6B3A-4E57-B5C7-CB1F64A2A117",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.3:*:*:*:unlimited:*:*:*",
              "matchCriteriaId": "DBF9677A-C9A3-4E7B-9F6C-D5B25D3199E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.4:*:*:*:application_server:*:*:*",
              "matchCriteriaId": "8E9DC60B-AD0B-411E-8C45-FC13BAE808E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.4:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "BE06C451-7ACE-4C51-97D3-0706670289A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.4:*:*:*:unlimited:*:*:*",
              "matchCriteriaId": "A485805A-CAD3-4413-9884-B5FDA2335EE9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.5:*:*:*:application_server:*:*:*",
              "matchCriteriaId": "813AE8F1-4CBC-48C1-BD8A-E34B504FCCEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.5:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "A7F6A685-02F4-4588-9E93-F5B3786C3798",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.5:*:*:*:unlimited:*:*:*",
              "matchCriteriaId": "D9F2DA09-A6AB-4E8E-8DD2-944F3C212C77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.6:*:*:*:application_server:*:*:*",
              "matchCriteriaId": "8E6366D7-1F03-458D-A85B-F58A7C42EA22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.6:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "FACC7C87-6BB7-4538-B6FC-0B751D674855",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.6:*:*:*:unlimited:*:*:*",
              "matchCriteriaId": "4EA683DC-1241-4B82-BEAC-E5A1DA37CEFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.7:*:*:*:application_server:*:*:*",
              "matchCriteriaId": "DC1FDA00-1A3E-4520-ABBA-F9A28CF1D5D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.7:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "C6B3BA4F-A16F-466E-890D-342A11A4D91A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:10.5.0.7:*:*:*:unlimited:*:*:*",
              "matchCriteriaId": "4B778C91-03D0-4A20-9D68-A2F52D9A3302",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:11.1.0.0:*:*:*:application_server:*:*:*",
              "matchCriteriaId": "38EB6F60-D89E-4594-A323-3F9A7751E2D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:11.1.0.0:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "6A60F310-FB14-4B46-8ECE-310B6690FD7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_connect:11.1.0.0:*:*:*:unlimited:*:*:*",
              "matchCriteriaId": "E80151B7-9F69-428F-9689-78FF8F24BF61",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "61A4F116-1FEE-450E-99AE-6AD9ACDDE570",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:ibm:aix:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7F01A55-7C37-4BAF-A4D4-61E8AC54FF79",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Untrusted search path vulnerability in IBM DB2 9.7 through FP11, 10.1 through FP5, 10.5 before FP8, and 11.1 GA on Linux, AIX, and HP-UX allows local users to gain privileges via a Trojan horse library that is accessed by a setuid or setgid program."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de ruta de b\u00fasqueda no confiable en IBM DB2 9.7 hasta la versi\u00f3n FP11, 10.1 hasta la versi\u00f3n FP5, 10.5 en versiones anteriores a FP8 y 11.1 GA en Linux, AIX y HP-UX permite a usuarios locales obtener privilegios a trav\u00e9s de una librer\u00eda troyanizada a la que se accede mediante un programa setuid o setgid."
    }
  ],
  "id": "CVE-2016-5995",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.9,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.3,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.3,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-10-01T01:59:08.537",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT16921"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT17010"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT17011"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT17012"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21990061"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www.securityfocus.com/bid/93012"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www.securitytracker.com/id/1036837"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT16921"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT17010"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT17011"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT17012"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21990061"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/93012"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1036837"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2017-1451 (GCVE-0-2017-1451)

Vulnerability from cvelistv5 – Published: 2017-09-12 21:00 – Updated: 2024-09-16 22:46

Summary

IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access. IBM X-Force ID: 128178.

Severity ?

No CVSS data available.

CWE

Gain Privileges

Assigner

ibm

References

URL

Tags

	http://www.securitytracker.com/id/1039301	vdb-entryx_refsource_SECTRACK
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	x_refsource_MISC
	http://www.ibm.com/support/docview.wss?uid=swg22006061	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/100690	vdb-entryx_refsource_BID

Impacted products

	Vendor	Product	Version
	IBM	DB2 for Linux, UNIX and Windows	Affected: 10.5 Affected: 10.1 Affected: 9.7 Affected: 11.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T13:32:30.239Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1039301",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039301"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128178"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg22006061"
          },
          {
            "name": "100690",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100690"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "DB2 for Linux, UNIX and Windows",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "10.5"
            },
            {
              "status": "affected",
              "version": "10.1"
            },
            {
              "status": "affected",
              "version": "9.7"
            },
            {
              "status": "affected",
              "version": "11.1"
            }
          ]
        }
      ],
      "datePublic": "2017-09-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access. IBM X-Force ID: 128178."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Gain Privileges",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-13T09:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "1039301",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039301"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128178"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg22006061"
        },
        {
          "name": "100690",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100690"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "DATE_PUBLIC": "2017-09-07T00:00:00",
          "ID": "CVE-2017-1451",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "DB2 for Linux, UNIX and Windows",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "10.5"
                          },
                          {
                            "version_value": "10.1"
                          },
                          {
                            "version_value": "9.7"
                          },
                          {
                            "version_value": "11.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "IBM"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access. IBM X-Force ID: 128178."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Gain Privileges"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1039301",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039301"
            },
            {
              "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128178",
              "refsource": "MISC",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128178"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg22006061",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg22006061"
            },
            {
              "name": "100690",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100690"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2017-1451",
    "datePublished": "2017-09-12T21:00:00Z",
    "dateReserved": "2016-11-30T00:00:00",
    "dateUpdated": "2024-09-16T22:46:02.718Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-1452 (GCVE-0-2017-1452)

Vulnerability from cvelistv5 – Published: 2017-09-12 21:00 – Updated: 2024-09-16 21:58

Summary

IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user to obtain elevated privilege and overwrite DB2 files. IBM X-Force ID: 128180.

Severity ?

No CVSS data available.

CWE

Gain Privileges

Assigner

ibm

References

URL

Tags

	https://exchange.xforce.ibmcloud.com/vulnerabilit…	x_refsource_MISC
	http://www.securityfocus.com/bid/100698	vdb-entryx_refsource_BID
	http://www.securitytracker.com/id/1039299	vdb-entryx_refsource_SECTRACK
	http://www.ibm.com/support/docview.wss?uid=swg22006109	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	IBM	DB2 for Linux, UNIX and Windows	Affected: 10.5 Affected: 10.1 Affected: 9.7 Affected: 11.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T13:32:30.259Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128180"
          },
          {
            "name": "100698",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100698"
          },
          {
            "name": "1039299",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039299"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg22006109"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "DB2 for Linux, UNIX and Windows",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "10.5"
            },
            {
              "status": "affected",
              "version": "10.1"
            },
            {
              "status": "affected",
              "version": "9.7"
            },
            {
              "status": "affected",
              "version": "11.1"
            }
          ]
        }
      ],
      "datePublic": "2017-09-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user to obtain elevated privilege and overwrite DB2 files. IBM X-Force ID: 128180."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Gain Privileges",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-13T09:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128180"
        },
        {
          "name": "100698",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100698"
        },
        {
          "name": "1039299",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039299"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg22006109"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "DATE_PUBLIC": "2017-09-07T00:00:00",
          "ID": "CVE-2017-1452",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "DB2 for Linux, UNIX and Windows",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "10.5"
                          },
                          {
                            "version_value": "10.1"
                          },
                          {
                            "version_value": "9.7"
                          },
                          {
                            "version_value": "11.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "IBM"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user to obtain elevated privilege and overwrite DB2 files. IBM X-Force ID: 128180."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Gain Privileges"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128180",
              "refsource": "MISC",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128180"
            },
            {
              "name": "100698",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100698"
            },
            {
              "name": "1039299",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039299"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg22006109",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg22006109"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2017-1452",
    "datePublished": "2017-09-12T21:00:00Z",
    "dateReserved": "2016-11-30T00:00:00",
    "dateUpdated": "2024-09-16T21:58:11.669Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-1434 (GCVE-0-2017-1434)

Vulnerability from cvelistv5 – Published: 2017-09-12 21:00 – Updated: 2024-09-16 18:03

Summary

IBM DB2 for Linux, UNIX and Windows 11.1 (includes DB2 Connect Server) under unusual circumstances, could expose highly sensitive information in the error log to a local user.

Severity ?

No CVSS data available.

CWE

Obtain Information

Assigner

ibm

References

URL

Tags

	http://www.securitytracker.com/id/1039297	vdb-entryx_refsource_SECTRACK
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	x_refsource_MISC
	http://www.ibm.com/support/docview.wss?uid=swg22005740	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/100693	vdb-entryx_refsource_BID

Impacted products

	Vendor	Product	Version
	IBM	DB2 for Linux, UNIX and Windows	Affected: 11.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T13:32:30.237Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1039297",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039297"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/127806"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg22005740"
          },
          {
            "name": "100693",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100693"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "DB2 for Linux, UNIX and Windows",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "11.1"
            }
          ]
        }
      ],
      "datePublic": "2017-09-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM DB2 for Linux, UNIX and Windows 11.1 (includes DB2 Connect Server) under unusual circumstances, could expose highly sensitive information in the error log to a local user."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Obtain Information",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-13T09:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "1039297",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039297"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/127806"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg22005740"
        },
        {
          "name": "100693",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100693"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "DATE_PUBLIC": "2017-09-07T00:00:00",
          "ID": "CVE-2017-1434",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "DB2 for Linux, UNIX and Windows",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "11.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "IBM"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM DB2 for Linux, UNIX and Windows 11.1 (includes DB2 Connect Server) under unusual circumstances, could expose highly sensitive information in the error log to a local user."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Obtain Information"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1039297",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039297"
            },
            {
              "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/127806",
              "refsource": "MISC",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/127806"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg22005740",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg22005740"
            },
            {
              "name": "100693",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100693"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2017-1434",
    "datePublished": "2017-09-12T21:00:00Z",
    "dateReserved": "2016-11-30T00:00:00",
    "dateUpdated": "2024-09-16T18:03:53.908Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-1520 (GCVE-0-2017-1520)

Vulnerability from cvelistv5 – Published: 2017-09-12 21:00 – Updated: 2024-09-16 17:37

Summary

IBM DB2 9.7, 10,1, 10.5, and 11.1 is vulnerable to an unauthorized command that allows the database to be activated when authentication type is CLIENT. IBM X-Force ID: 129830.

Severity ?

No CVSS data available.

CWE

Configuration

Assigner

ibm

References

URL

Tags

	http://www.securitytracker.com/id/1039308	vdb-entryx_refsource_SECTRACK
	http://www.securityfocus.com/bid/100684	vdb-entryx_refsource_BID
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	x_refsource_MISC
	http://www.ibm.com/support/docview.wss?uid=swg22007186	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	IBM	DB2 for Linux, UNIX and Windows	Affected: 10.5 Affected: 10.1 Affected: 9.7 Affected: 11.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T13:32:29.968Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1039308",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039308"
          },
          {
            "name": "100684",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100684"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/129830"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg22007186"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "DB2 for Linux, UNIX and Windows",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "10.5"
            },
            {
              "status": "affected",
              "version": "10.1"
            },
            {
              "status": "affected",
              "version": "9.7"
            },
            {
              "status": "affected",
              "version": "11.1"
            }
          ]
        }
      ],
      "datePublic": "2017-09-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM DB2 9.7, 10,1, 10.5, and 11.1 is vulnerable to an unauthorized command that allows the database to be activated when authentication type is CLIENT. IBM X-Force ID: 129830."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Configuration",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-13T09:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "1039308",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039308"
        },
        {
          "name": "100684",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100684"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/129830"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg22007186"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "DATE_PUBLIC": "2017-09-08T00:00:00",
          "ID": "CVE-2017-1520",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "DB2 for Linux, UNIX and Windows",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "10.5"
                          },
                          {
                            "version_value": "10.1"
                          },
                          {
                            "version_value": "9.7"
                          },
                          {
                            "version_value": "11.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "IBM"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM DB2 9.7, 10,1, 10.5, and 11.1 is vulnerable to an unauthorized command that allows the database to be activated when authentication type is CLIENT. IBM X-Force ID: 129830."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Configuration"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1039308",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039308"
            },
            {
              "name": "100684",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100684"
            },
            {
              "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/129830",
              "refsource": "MISC",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/129830"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg22007186",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg22007186"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2017-1520",
    "datePublished": "2017-09-12T21:00:00Z",
    "dateReserved": "2016-11-30T00:00:00",
    "dateUpdated": "2024-09-16T17:37:46.801Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-1439 (GCVE-0-2017-1439)

Vulnerability from cvelistv5 – Published: 2017-09-12 21:00 – Updated: 2024-09-16 22:15

Summary

IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access. IBM X-Force ID: 128058.

Severity ?

No CVSS data available.

CWE

Gain Privileges

Assigner

ibm

References

URL

Tags

	http://www.securitytracker.com/id/1039301	vdb-entryx_refsource_SECTRACK
	http://www.ibm.com/support/docview.wss?uid=swg22006061	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/100690	vdb-entryx_refsource_BID
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	IBM	DB2 for Linux, UNIX and Windows	Affected: 10.5 Affected: 10.1 Affected: 9.7 Affected: 11.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T13:32:29.653Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1039301",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039301"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg22006061"
          },
          {
            "name": "100690",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100690"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128058"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "DB2 for Linux, UNIX and Windows",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "10.5"
            },
            {
              "status": "affected",
              "version": "10.1"
            },
            {
              "status": "affected",
              "version": "9.7"
            },
            {
              "status": "affected",
              "version": "11.1"
            }
          ]
        }
      ],
      "datePublic": "2017-09-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access. IBM X-Force ID: 128058."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Gain Privileges",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-13T09:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "1039301",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039301"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg22006061"
        },
        {
          "name": "100690",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100690"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128058"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "DATE_PUBLIC": "2017-09-07T00:00:00",
          "ID": "CVE-2017-1439",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "DB2 for Linux, UNIX and Windows",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "10.5"
                          },
                          {
                            "version_value": "10.1"
                          },
                          {
                            "version_value": "9.7"
                          },
                          {
                            "version_value": "11.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "IBM"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access. IBM X-Force ID: 128058."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Gain Privileges"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1039301",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039301"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg22006061",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg22006061"
            },
            {
              "name": "100690",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100690"
            },
            {
              "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128058",
              "refsource": "MISC",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128058"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2017-1439",
    "datePublished": "2017-09-12T21:00:00Z",
    "dateReserved": "2016-11-30T00:00:00",
    "dateUpdated": "2024-09-16T22:15:16.550Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-1438 (GCVE-0-2017-1438)

Vulnerability from cvelistv5 – Published: 2017-09-12 21:00 – Updated: 2024-09-17 02:57

Summary

IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access. IBM X-Force ID: 128057.

Severity ?

No CVSS data available.

CWE

Gain Privileges

Assigner

ibm

References

URL

Tags

	https://exchange.xforce.ibmcloud.com/vulnerabilit…	x_refsource_MISC
	http://www.ibm.com/support/docview.wss?uid=swg22006885	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1039300	vdb-entryx_refsource_SECTRACK
	http://www.securityfocus.com/bid/100685	vdb-entryx_refsource_BID

Impacted products

	Vendor	Product	Version
	IBM	DB2 for Linux, UNIX and Windows	Affected: 10.5 Affected: 10.1 Affected: 9.7 Affected: 11.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T13:32:29.564Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128057"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg22006885"
          },
          {
            "name": "1039300",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039300"
          },
          {
            "name": "100685",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100685"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "DB2 for Linux, UNIX and Windows",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "10.5"
            },
            {
              "status": "affected",
              "version": "10.1"
            },
            {
              "status": "affected",
              "version": "9.7"
            },
            {
              "status": "affected",
              "version": "11.1"
            }
          ]
        }
      ],
      "datePublic": "2017-09-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access. IBM X-Force ID: 128057."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Gain Privileges",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-13T09:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128057"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg22006885"
        },
        {
          "name": "1039300",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039300"
        },
        {
          "name": "100685",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100685"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "DATE_PUBLIC": "2017-09-07T00:00:00",
          "ID": "CVE-2017-1438",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "DB2 for Linux, UNIX and Windows",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "10.5"
                          },
                          {
                            "version_value": "10.1"
                          },
                          {
                            "version_value": "9.7"
                          },
                          {
                            "version_value": "11.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "IBM"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access. IBM X-Force ID: 128057."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Gain Privileges"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128057",
              "refsource": "MISC",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128057"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg22006885",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg22006885"
            },
            {
              "name": "1039300",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039300"
            },
            {
              "name": "100685",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100685"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2017-1438",
    "datePublished": "2017-09-12T21:00:00Z",
    "dateReserved": "2016-11-30T00:00:00",
    "dateUpdated": "2024-09-17T02:57:10.720Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-1519 (GCVE-0-2017-1519)

Vulnerability from cvelistv5 – Published: 2017-09-12 21:00 – Updated: 2024-09-17 02:27

Summary

IBM DB2 10.5 and 11.1 contains a denial of service vulnerability. A remote user can cause disruption of service for DB2 Connect Server setup with a particular configuration. IBM X-Force ID: 129829.

Severity ?

No CVSS data available.

CWE

Denial of Service

Assigner

ibm

References

URL

Tags

	http://www.securitytracker.com/id/1039298	vdb-entryx_refsource_SECTRACK
	http://www.securityfocus.com/bid/100688	vdb-entryx_refsource_BID
	http://www.ibm.com/support/docview.wss?uid=swg22007183	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	IBM	DB2 for Linux, UNIX and Windows	Affected: 10.5 Affected: 11.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T13:32:29.648Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1039298",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039298"
          },
          {
            "name": "100688",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100688"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg22007183"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/129829"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "DB2 for Linux, UNIX and Windows",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "10.5"
            },
            {
              "status": "affected",
              "version": "11.1"
            }
          ]
        }
      ],
      "datePublic": "2017-09-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM DB2 10.5 and 11.1 contains a denial of service vulnerability. A remote user can cause disruption of service for DB2 Connect Server setup with a particular configuration. IBM X-Force ID: 129829."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Denial of Service",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-13T09:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "1039298",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039298"
        },
        {
          "name": "100688",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100688"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg22007183"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/129829"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "DATE_PUBLIC": "2017-09-07T00:00:00",
          "ID": "CVE-2017-1519",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "DB2 for Linux, UNIX and Windows",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "10.5"
                          },
                          {
                            "version_value": "11.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "IBM"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM DB2 10.5 and 11.1 contains a denial of service vulnerability. A remote user can cause disruption of service for DB2 Connect Server setup with a particular configuration. IBM X-Force ID: 129829."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Denial of Service"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1039298",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039298"
            },
            {
              "name": "100688",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100688"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg22007183",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg22007183"
            },
            {
              "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/129829",
              "refsource": "MISC",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/129829"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2017-1519",
    "datePublished": "2017-09-12T21:00:00Z",
    "dateReserved": "2016-11-30T00:00:00",
    "dateUpdated": "2024-09-17T02:27:20.115Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-1297 (GCVE-0-2017-1297)

Vulnerability from cvelistv5 – Published: 2017-06-27 16:00 – Updated: 2024-08-05 13:32

Summary

IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) is vulnerable to a stack-based buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code. IBM X-Force ID: 125159.

Severity ?

No CVSS data available.

CWE

Gain Privileges

Assigner

ibm

References

URL

Tags

	http://www.securityfocus.com/bid/99271	vdb-entryx_refsource_BID
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	x_refsource_MISC
	http://www.ibm.com/support/docview.wss?uid=swg22004878	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1038772	vdb-entryx_refsource_SECTRACK
	https://www.exploit-db.com/exploits/42260/	exploitx_refsource_EXPLOIT-DB

Impacted products

	Vendor	Product	Version
	IBM	DB2 for Linux, UNIX and Windows	Affected: 10.5 Affected: 10.1 Affected: 9.7 Affected: 11.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T13:32:28.490Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "99271",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99271"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/125159"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg22004878"
          },
          {
            "name": "1038772",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1038772"
          },
          {
            "name": "42260",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/42260/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "DB2 for Linux, UNIX and Windows",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "10.5"
            },
            {
              "status": "affected",
              "version": "10.1"
            },
            {
              "status": "affected",
              "version": "9.7"
            },
            {
              "status": "affected",
              "version": "11.1"
            }
          ]
        }
      ],
      "datePublic": "2017-06-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) is vulnerable to a stack-based buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code. IBM X-Force ID: 125159."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Gain Privileges",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-11T15:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "99271",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99271"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/125159"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg22004878"
        },
        {
          "name": "1038772",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1038772"
        },
        {
          "name": "42260",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/42260/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2017-1297",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "DB2 for Linux, UNIX and Windows",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "10.5"
                          },
                          {
                            "version_value": "10.1"
                          },
                          {
                            "version_value": "9.7"
                          },
                          {
                            "version_value": "11.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "IBM"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) is vulnerable to a stack-based buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code. IBM X-Force ID: 125159."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Gain Privileges"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "99271",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99271"
            },
            {
              "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/125159",
              "refsource": "MISC",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/125159"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg22004878",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg22004878"
            },
            {
              "name": "1038772",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1038772"
            },
            {
              "name": "42260",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/42260/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2017-1297",
    "datePublished": "2017-06-27T16:00:00",
    "dateReserved": "2016-11-30T00:00:00",
    "dateUpdated": "2024-08-05T13:32:28.490Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-1105 (GCVE-0-2017-1105)

Vulnerability from cvelistv5 – Published: 2017-06-27 16:00 – Updated: 2024-08-05 13:25

Summary

IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) is vulnerable to a buffer overflow that could allow a local user to overwrite DB2 files or cause a denial of service. IBM X-Force ID: 120668.

Severity ?

No CVSS data available.

CWE

Denial of Service

Assigner

ibm

References

URL

Tags

	http://www.securityfocus.com/bid/99264	vdb-entryx_refsource_BID
	http://www.securitytracker.com/id/1038773	vdb-entryx_refsource_SECTRACK
	http://www.ibm.com/support/docview.wss?uid=swg22003877	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	IBM	DB2 for Linux, UNIX and Windows	Affected: 10.5 Affected: 10.1 Affected: 9.7 Affected: 11.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T13:25:17.096Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "99264",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99264"
          },
          {
            "name": "1038773",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1038773"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg22003877"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/120668"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "DB2 for Linux, UNIX and Windows",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "10.5"
            },
            {
              "status": "affected",
              "version": "10.1"
            },
            {
              "status": "affected",
              "version": "9.7"
            },
            {
              "status": "affected",
              "version": "11.1"
            }
          ]
        }
      ],
      "datePublic": "2017-06-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) is vulnerable to a buffer overflow that could allow a local user to overwrite DB2 files or cause a denial of service. IBM X-Force ID: 120668."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Denial of Service",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-06T09:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "99264",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99264"
        },
        {
          "name": "1038773",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1038773"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg22003877"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/120668"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2017-1105",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "DB2 for Linux, UNIX and Windows",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "10.5"
                          },
                          {
                            "version_value": "10.1"
                          },
                          {
                            "version_value": "9.7"
                          },
                          {
                            "version_value": "11.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "IBM"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) is vulnerable to a buffer overflow that could allow a local user to overwrite DB2 files or cause a denial of service. IBM X-Force ID: 120668."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Denial of Service"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "99264",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99264"
            },
            {
              "name": "1038773",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1038773"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg22003877",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg22003877"
            },
            {
              "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/120668",
              "refsource": "MISC",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/120668"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2017-1105",
    "datePublished": "2017-06-27T16:00:00",
    "dateReserved": "2016-11-30T00:00:00",
    "dateUpdated": "2024-08-05T13:25:17.096Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2016-5995 (GCVE-0-2016-5995)

Vulnerability from cvelistv5 – Published: 2016-10-01 01:00 – Updated: 2024-08-06 01:15

Summary

Untrusted search path vulnerability in IBM DB2 9.7 through FP11, 10.1 through FP5, 10.5 before FP8, and 11.1 GA on Linux, AIX, and HP-UX allows local users to gain privileges via a Trojan horse library that is accessed by a setuid or setgid program.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

ibm

References

URL

Tags

	http://www-01.ibm.com/support/docview.wss?uid=swg…	vendor-advisoryx_refsource_AIXAPAR
	http://www-01.ibm.com/support/docview.wss?uid=swg…	vendor-advisoryx_refsource_AIXAPAR
	http://www.securitytracker.com/id/1036837	vdb-entryx_refsource_SECTRACK
	http://www.securityfocus.com/bid/93012	vdb-entryx_refsource_BID
	http://www-01.ibm.com/support/docview.wss?uid=swg…	vendor-advisoryx_refsource_AIXAPAR
	http://www-01.ibm.com/support/docview.wss?uid=swg…	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg…	vendor-advisoryx_refsource_AIXAPAR

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:15:10.659Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "IT17012",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT17012"
          },
          {
            "name": "IT16921",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT16921"
          },
          {
            "name": "1036837",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1036837"
          },
          {
            "name": "93012",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93012"
          },
          {
            "name": "IT17010",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT17010"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21990061"
          },
          {
            "name": "IT17011",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT17011"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-09-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Untrusted search path vulnerability in IBM DB2 9.7 through FP11, 10.1 through FP5, 10.5 before FP8, and 11.1 GA on Linux, AIX, and HP-UX allows local users to gain privileges via a Trojan horse library that is accessed by a setuid or setgid program."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-29T09:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "IT17012",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT17012"
        },
        {
          "name": "IT16921",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT16921"
        },
        {
          "name": "1036837",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1036837"
        },
        {
          "name": "93012",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93012"
        },
        {
          "name": "IT17010",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT17010"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21990061"
        },
        {
          "name": "IT17011",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT17011"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2016-5995",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Untrusted search path vulnerability in IBM DB2 9.7 through FP11, 10.1 through FP5, 10.5 before FP8, and 11.1 GA on Linux, AIX, and HP-UX allows local users to gain privileges via a Trojan horse library that is accessed by a setuid or setgid program."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "IT17012",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT17012"
            },
            {
              "name": "IT16921",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT16921"
            },
            {
              "name": "1036837",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1036837"
            },
            {
              "name": "93012",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93012"
            },
            {
              "name": "IT17010",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT17010"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21990061",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21990061"
            },
            {
              "name": "IT17011",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT17011"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2016-5995",
    "datePublished": "2016-10-01T01:00:00",
    "dateReserved": "2016-06-29T00:00:00",
    "dateUpdated": "2024-08-06T01:15:10.659Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-1451 (GCVE-0-2017-1451)

Vulnerability from nvd – Published: 2017-09-12 21:00 – Updated: 2024-09-16 22:46

Summary

IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access. IBM X-Force ID: 128178.

Severity ?

No CVSS data available.

CWE

Gain Privileges

Assigner

ibm

References

URL

Tags

	http://www.securitytracker.com/id/1039301	vdb-entryx_refsource_SECTRACK
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	x_refsource_MISC
	http://www.ibm.com/support/docview.wss?uid=swg22006061	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/100690	vdb-entryx_refsource_BID

Impacted products

	Vendor	Product	Version
	IBM	DB2 for Linux, UNIX and Windows	Affected: 10.5 Affected: 10.1 Affected: 9.7 Affected: 11.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T13:32:30.239Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1039301",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039301"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128178"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg22006061"
          },
          {
            "name": "100690",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100690"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "DB2 for Linux, UNIX and Windows",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "10.5"
            },
            {
              "status": "affected",
              "version": "10.1"
            },
            {
              "status": "affected",
              "version": "9.7"
            },
            {
              "status": "affected",
              "version": "11.1"
            }
          ]
        }
      ],
      "datePublic": "2017-09-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access. IBM X-Force ID: 128178."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Gain Privileges",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-13T09:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "1039301",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039301"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128178"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg22006061"
        },
        {
          "name": "100690",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100690"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "DATE_PUBLIC": "2017-09-07T00:00:00",
          "ID": "CVE-2017-1451",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "DB2 for Linux, UNIX and Windows",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "10.5"
                          },
                          {
                            "version_value": "10.1"
                          },
                          {
                            "version_value": "9.7"
                          },
                          {
                            "version_value": "11.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "IBM"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access. IBM X-Force ID: 128178."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Gain Privileges"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1039301",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039301"
            },
            {
              "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128178",
              "refsource": "MISC",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128178"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg22006061",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg22006061"
            },
            {
              "name": "100690",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100690"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2017-1451",
    "datePublished": "2017-09-12T21:00:00Z",
    "dateReserved": "2016-11-30T00:00:00",
    "dateUpdated": "2024-09-16T22:46:02.718Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-1452 (GCVE-0-2017-1452)

Vulnerability from nvd – Published: 2017-09-12 21:00 – Updated: 2024-09-16 21:58

Summary

IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user to obtain elevated privilege and overwrite DB2 files. IBM X-Force ID: 128180.

Severity ?

No CVSS data available.

CWE

Gain Privileges

Assigner

ibm

References

URL

Tags

	https://exchange.xforce.ibmcloud.com/vulnerabilit…	x_refsource_MISC
	http://www.securityfocus.com/bid/100698	vdb-entryx_refsource_BID
	http://www.securitytracker.com/id/1039299	vdb-entryx_refsource_SECTRACK
	http://www.ibm.com/support/docview.wss?uid=swg22006109	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	IBM	DB2 for Linux, UNIX and Windows	Affected: 10.5 Affected: 10.1 Affected: 9.7 Affected: 11.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T13:32:30.259Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128180"
          },
          {
            "name": "100698",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100698"
          },
          {
            "name": "1039299",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039299"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg22006109"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "DB2 for Linux, UNIX and Windows",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "10.5"
            },
            {
              "status": "affected",
              "version": "10.1"
            },
            {
              "status": "affected",
              "version": "9.7"
            },
            {
              "status": "affected",
              "version": "11.1"
            }
          ]
        }
      ],
      "datePublic": "2017-09-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user to obtain elevated privilege and overwrite DB2 files. IBM X-Force ID: 128180."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Gain Privileges",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-13T09:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128180"
        },
        {
          "name": "100698",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100698"
        },
        {
          "name": "1039299",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039299"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg22006109"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "DATE_PUBLIC": "2017-09-07T00:00:00",
          "ID": "CVE-2017-1452",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "DB2 for Linux, UNIX and Windows",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "10.5"
                          },
                          {
                            "version_value": "10.1"
                          },
                          {
                            "version_value": "9.7"
                          },
                          {
                            "version_value": "11.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "IBM"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user to obtain elevated privilege and overwrite DB2 files. IBM X-Force ID: 128180."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Gain Privileges"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128180",
              "refsource": "MISC",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128180"
            },
            {
              "name": "100698",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100698"
            },
            {
              "name": "1039299",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039299"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg22006109",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg22006109"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2017-1452",
    "datePublished": "2017-09-12T21:00:00Z",
    "dateReserved": "2016-11-30T00:00:00",
    "dateUpdated": "2024-09-16T21:58:11.669Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-1434 (GCVE-0-2017-1434)

Vulnerability from nvd – Published: 2017-09-12 21:00 – Updated: 2024-09-16 18:03

Summary

IBM DB2 for Linux, UNIX and Windows 11.1 (includes DB2 Connect Server) under unusual circumstances, could expose highly sensitive information in the error log to a local user.

Severity ?

No CVSS data available.

CWE

Obtain Information

Assigner

ibm

References

URL

Tags

	http://www.securitytracker.com/id/1039297	vdb-entryx_refsource_SECTRACK
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	x_refsource_MISC
	http://www.ibm.com/support/docview.wss?uid=swg22005740	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/100693	vdb-entryx_refsource_BID

Impacted products

	Vendor	Product	Version
	IBM	DB2 for Linux, UNIX and Windows	Affected: 11.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T13:32:30.237Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1039297",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039297"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/127806"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg22005740"
          },
          {
            "name": "100693",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100693"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "DB2 for Linux, UNIX and Windows",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "11.1"
            }
          ]
        }
      ],
      "datePublic": "2017-09-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM DB2 for Linux, UNIX and Windows 11.1 (includes DB2 Connect Server) under unusual circumstances, could expose highly sensitive information in the error log to a local user."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Obtain Information",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-13T09:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "1039297",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039297"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/127806"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg22005740"
        },
        {
          "name": "100693",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100693"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "DATE_PUBLIC": "2017-09-07T00:00:00",
          "ID": "CVE-2017-1434",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "DB2 for Linux, UNIX and Windows",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "11.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "IBM"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM DB2 for Linux, UNIX and Windows 11.1 (includes DB2 Connect Server) under unusual circumstances, could expose highly sensitive information in the error log to a local user."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Obtain Information"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1039297",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039297"
            },
            {
              "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/127806",
              "refsource": "MISC",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/127806"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg22005740",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg22005740"
            },
            {
              "name": "100693",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100693"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2017-1434",
    "datePublished": "2017-09-12T21:00:00Z",
    "dateReserved": "2016-11-30T00:00:00",
    "dateUpdated": "2024-09-16T18:03:53.908Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-1520 (GCVE-0-2017-1520)

Vulnerability from nvd – Published: 2017-09-12 21:00 – Updated: 2024-09-16 17:37

Summary

IBM DB2 9.7, 10,1, 10.5, and 11.1 is vulnerable to an unauthorized command that allows the database to be activated when authentication type is CLIENT. IBM X-Force ID: 129830.

Severity ?

No CVSS data available.

CWE

Configuration

Assigner

ibm

References

URL

Tags

	http://www.securitytracker.com/id/1039308	vdb-entryx_refsource_SECTRACK
	http://www.securityfocus.com/bid/100684	vdb-entryx_refsource_BID
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	x_refsource_MISC
	http://www.ibm.com/support/docview.wss?uid=swg22007186	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	IBM	DB2 for Linux, UNIX and Windows	Affected: 10.5 Affected: 10.1 Affected: 9.7 Affected: 11.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T13:32:29.968Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1039308",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039308"
          },
          {
            "name": "100684",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100684"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/129830"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg22007186"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "DB2 for Linux, UNIX and Windows",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "10.5"
            },
            {
              "status": "affected",
              "version": "10.1"
            },
            {
              "status": "affected",
              "version": "9.7"
            },
            {
              "status": "affected",
              "version": "11.1"
            }
          ]
        }
      ],
      "datePublic": "2017-09-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM DB2 9.7, 10,1, 10.5, and 11.1 is vulnerable to an unauthorized command that allows the database to be activated when authentication type is CLIENT. IBM X-Force ID: 129830."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Configuration",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-13T09:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "1039308",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039308"
        },
        {
          "name": "100684",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100684"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/129830"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg22007186"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "DATE_PUBLIC": "2017-09-08T00:00:00",
          "ID": "CVE-2017-1520",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "DB2 for Linux, UNIX and Windows",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "10.5"
                          },
                          {
                            "version_value": "10.1"
                          },
                          {
                            "version_value": "9.7"
                          },
                          {
                            "version_value": "11.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "IBM"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM DB2 9.7, 10,1, 10.5, and 11.1 is vulnerable to an unauthorized command that allows the database to be activated when authentication type is CLIENT. IBM X-Force ID: 129830."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Configuration"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1039308",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039308"
            },
            {
              "name": "100684",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100684"
            },
            {
              "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/129830",
              "refsource": "MISC",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/129830"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg22007186",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg22007186"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2017-1520",
    "datePublished": "2017-09-12T21:00:00Z",
    "dateReserved": "2016-11-30T00:00:00",
    "dateUpdated": "2024-09-16T17:37:46.801Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-1439 (GCVE-0-2017-1439)

Vulnerability from nvd – Published: 2017-09-12 21:00 – Updated: 2024-09-16 22:15

Summary

IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access. IBM X-Force ID: 128058.

Severity ?

No CVSS data available.

CWE

Gain Privileges

Assigner

ibm

References

URL

Tags

	http://www.securitytracker.com/id/1039301	vdb-entryx_refsource_SECTRACK
	http://www.ibm.com/support/docview.wss?uid=swg22006061	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/100690	vdb-entryx_refsource_BID
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	IBM	DB2 for Linux, UNIX and Windows	Affected: 10.5 Affected: 10.1 Affected: 9.7 Affected: 11.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T13:32:29.653Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1039301",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039301"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg22006061"
          },
          {
            "name": "100690",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100690"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128058"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "DB2 for Linux, UNIX and Windows",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "10.5"
            },
            {
              "status": "affected",
              "version": "10.1"
            },
            {
              "status": "affected",
              "version": "9.7"
            },
            {
              "status": "affected",
              "version": "11.1"
            }
          ]
        }
      ],
      "datePublic": "2017-09-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access. IBM X-Force ID: 128058."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Gain Privileges",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-13T09:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "1039301",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039301"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg22006061"
        },
        {
          "name": "100690",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100690"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128058"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "DATE_PUBLIC": "2017-09-07T00:00:00",
          "ID": "CVE-2017-1439",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "DB2 for Linux, UNIX and Windows",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "10.5"
                          },
                          {
                            "version_value": "10.1"
                          },
                          {
                            "version_value": "9.7"
                          },
                          {
                            "version_value": "11.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "IBM"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access. IBM X-Force ID: 128058."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Gain Privileges"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1039301",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039301"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg22006061",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg22006061"
            },
            {
              "name": "100690",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100690"
            },
            {
              "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128058",
              "refsource": "MISC",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128058"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2017-1439",
    "datePublished": "2017-09-12T21:00:00Z",
    "dateReserved": "2016-11-30T00:00:00",
    "dateUpdated": "2024-09-16T22:15:16.550Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-1438 (GCVE-0-2017-1438)

Vulnerability from nvd – Published: 2017-09-12 21:00 – Updated: 2024-09-17 02:57

Summary

IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access. IBM X-Force ID: 128057.

Severity ?

No CVSS data available.

CWE

Gain Privileges

Assigner

ibm

References

URL

Tags

	https://exchange.xforce.ibmcloud.com/vulnerabilit…	x_refsource_MISC
	http://www.ibm.com/support/docview.wss?uid=swg22006885	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1039300	vdb-entryx_refsource_SECTRACK
	http://www.securityfocus.com/bid/100685	vdb-entryx_refsource_BID

Impacted products

	Vendor	Product	Version
	IBM	DB2 for Linux, UNIX and Windows	Affected: 10.5 Affected: 10.1 Affected: 9.7 Affected: 11.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T13:32:29.564Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128057"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg22006885"
          },
          {
            "name": "1039300",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039300"
          },
          {
            "name": "100685",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100685"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "DB2 for Linux, UNIX and Windows",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "10.5"
            },
            {
              "status": "affected",
              "version": "10.1"
            },
            {
              "status": "affected",
              "version": "9.7"
            },
            {
              "status": "affected",
              "version": "11.1"
            }
          ]
        }
      ],
      "datePublic": "2017-09-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access. IBM X-Force ID: 128057."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Gain Privileges",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-13T09:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128057"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg22006885"
        },
        {
          "name": "1039300",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039300"
        },
        {
          "name": "100685",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100685"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "DATE_PUBLIC": "2017-09-07T00:00:00",
          "ID": "CVE-2017-1438",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "DB2 for Linux, UNIX and Windows",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "10.5"
                          },
                          {
                            "version_value": "10.1"
                          },
                          {
                            "version_value": "9.7"
                          },
                          {
                            "version_value": "11.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "IBM"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access. IBM X-Force ID: 128057."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Gain Privileges"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128057",
              "refsource": "MISC",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128057"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg22006885",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg22006885"
            },
            {
              "name": "1039300",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039300"
            },
            {
              "name": "100685",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100685"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2017-1438",
    "datePublished": "2017-09-12T21:00:00Z",
    "dateReserved": "2016-11-30T00:00:00",
    "dateUpdated": "2024-09-17T02:57:10.720Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-1519 (GCVE-0-2017-1519)

Vulnerability from nvd – Published: 2017-09-12 21:00 – Updated: 2024-09-17 02:27

Summary

IBM DB2 10.5 and 11.1 contains a denial of service vulnerability. A remote user can cause disruption of service for DB2 Connect Server setup with a particular configuration. IBM X-Force ID: 129829.

Severity ?

No CVSS data available.

CWE

Denial of Service

Assigner

ibm

References

URL

Tags

	http://www.securitytracker.com/id/1039298	vdb-entryx_refsource_SECTRACK
	http://www.securityfocus.com/bid/100688	vdb-entryx_refsource_BID
	http://www.ibm.com/support/docview.wss?uid=swg22007183	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	IBM	DB2 for Linux, UNIX and Windows	Affected: 10.5 Affected: 11.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T13:32:29.648Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1039298",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039298"
          },
          {
            "name": "100688",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/100688"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg22007183"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/129829"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "DB2 for Linux, UNIX and Windows",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "10.5"
            },
            {
              "status": "affected",
              "version": "11.1"
            }
          ]
        }
      ],
      "datePublic": "2017-09-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM DB2 10.5 and 11.1 contains a denial of service vulnerability. A remote user can cause disruption of service for DB2 Connect Server setup with a particular configuration. IBM X-Force ID: 129829."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Denial of Service",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-13T09:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "1039298",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039298"
        },
        {
          "name": "100688",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/100688"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg22007183"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/129829"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "DATE_PUBLIC": "2017-09-07T00:00:00",
          "ID": "CVE-2017-1519",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "DB2 for Linux, UNIX and Windows",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "10.5"
                          },
                          {
                            "version_value": "11.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "IBM"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM DB2 10.5 and 11.1 contains a denial of service vulnerability. A remote user can cause disruption of service for DB2 Connect Server setup with a particular configuration. IBM X-Force ID: 129829."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Denial of Service"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1039298",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039298"
            },
            {
              "name": "100688",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/100688"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg22007183",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg22007183"
            },
            {
              "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/129829",
              "refsource": "MISC",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/129829"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2017-1519",
    "datePublished": "2017-09-12T21:00:00Z",
    "dateReserved": "2016-11-30T00:00:00",
    "dateUpdated": "2024-09-17T02:27:20.115Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-1297 (GCVE-0-2017-1297)

Vulnerability from nvd – Published: 2017-06-27 16:00 – Updated: 2024-08-05 13:32

Summary

IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) is vulnerable to a stack-based buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code. IBM X-Force ID: 125159.

Severity ?

No CVSS data available.

CWE

Gain Privileges

Assigner

ibm

References

URL

Tags

	http://www.securityfocus.com/bid/99271	vdb-entryx_refsource_BID
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	x_refsource_MISC
	http://www.ibm.com/support/docview.wss?uid=swg22004878	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1038772	vdb-entryx_refsource_SECTRACK
	https://www.exploit-db.com/exploits/42260/	exploitx_refsource_EXPLOIT-DB

Impacted products

	Vendor	Product	Version
	IBM	DB2 for Linux, UNIX and Windows	Affected: 10.5 Affected: 10.1 Affected: 9.7 Affected: 11.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T13:32:28.490Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "99271",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99271"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/125159"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg22004878"
          },
          {
            "name": "1038772",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1038772"
          },
          {
            "name": "42260",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/42260/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "DB2 for Linux, UNIX and Windows",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "10.5"
            },
            {
              "status": "affected",
              "version": "10.1"
            },
            {
              "status": "affected",
              "version": "9.7"
            },
            {
              "status": "affected",
              "version": "11.1"
            }
          ]
        }
      ],
      "datePublic": "2017-06-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) is vulnerable to a stack-based buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code. IBM X-Force ID: 125159."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Gain Privileges",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-11T15:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "99271",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99271"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/125159"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg22004878"
        },
        {
          "name": "1038772",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1038772"
        },
        {
          "name": "42260",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/42260/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2017-1297",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "DB2 for Linux, UNIX and Windows",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "10.5"
                          },
                          {
                            "version_value": "10.1"
                          },
                          {
                            "version_value": "9.7"
                          },
                          {
                            "version_value": "11.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "IBM"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) is vulnerable to a stack-based buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code. IBM X-Force ID: 125159."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Gain Privileges"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "99271",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99271"
            },
            {
              "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/125159",
              "refsource": "MISC",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/125159"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg22004878",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg22004878"
            },
            {
              "name": "1038772",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1038772"
            },
            {
              "name": "42260",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/42260/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2017-1297",
    "datePublished": "2017-06-27T16:00:00",
    "dateReserved": "2016-11-30T00:00:00",
    "dateUpdated": "2024-08-05T13:32:28.490Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-1105 (GCVE-0-2017-1105)

Vulnerability from nvd – Published: 2017-06-27 16:00 – Updated: 2024-08-05 13:25

Summary

IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) is vulnerable to a buffer overflow that could allow a local user to overwrite DB2 files or cause a denial of service. IBM X-Force ID: 120668.

Severity ?

No CVSS data available.

CWE

Denial of Service

Assigner

ibm

References

URL

Tags

	http://www.securityfocus.com/bid/99264	vdb-entryx_refsource_BID
	http://www.securitytracker.com/id/1038773	vdb-entryx_refsource_SECTRACK
	http://www.ibm.com/support/docview.wss?uid=swg22003877	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	IBM	DB2 for Linux, UNIX and Windows	Affected: 10.5 Affected: 10.1 Affected: 9.7 Affected: 11.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T13:25:17.096Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "99264",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99264"
          },
          {
            "name": "1038773",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1038773"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg22003877"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/120668"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "DB2 for Linux, UNIX and Windows",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "10.5"
            },
            {
              "status": "affected",
              "version": "10.1"
            },
            {
              "status": "affected",
              "version": "9.7"
            },
            {
              "status": "affected",
              "version": "11.1"
            }
          ]
        }
      ],
      "datePublic": "2017-06-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) is vulnerable to a buffer overflow that could allow a local user to overwrite DB2 files or cause a denial of service. IBM X-Force ID: 120668."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Denial of Service",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-06T09:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "99264",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99264"
        },
        {
          "name": "1038773",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1038773"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg22003877"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/120668"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2017-1105",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "DB2 for Linux, UNIX and Windows",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "10.5"
                          },
                          {
                            "version_value": "10.1"
                          },
                          {
                            "version_value": "9.7"
                          },
                          {
                            "version_value": "11.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "IBM"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) is vulnerable to a buffer overflow that could allow a local user to overwrite DB2 files or cause a denial of service. IBM X-Force ID: 120668."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Denial of Service"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "99264",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99264"
            },
            {
              "name": "1038773",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1038773"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg22003877",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg22003877"
            },
            {
              "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/120668",
              "refsource": "MISC",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/120668"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2017-1105",
    "datePublished": "2017-06-27T16:00:00",
    "dateReserved": "2016-11-30T00:00:00",
    "dateUpdated": "2024-08-05T13:25:17.096Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2016-5995 (GCVE-0-2016-5995)

Vulnerability from nvd – Published: 2016-10-01 01:00 – Updated: 2024-08-06 01:15

Summary

Untrusted search path vulnerability in IBM DB2 9.7 through FP11, 10.1 through FP5, 10.5 before FP8, and 11.1 GA on Linux, AIX, and HP-UX allows local users to gain privileges via a Trojan horse library that is accessed by a setuid or setgid program.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

ibm

References

URL

Tags

	http://www-01.ibm.com/support/docview.wss?uid=swg…	vendor-advisoryx_refsource_AIXAPAR
	http://www-01.ibm.com/support/docview.wss?uid=swg…	vendor-advisoryx_refsource_AIXAPAR
	http://www.securitytracker.com/id/1036837	vdb-entryx_refsource_SECTRACK
	http://www.securityfocus.com/bid/93012	vdb-entryx_refsource_BID
	http://www-01.ibm.com/support/docview.wss?uid=swg…	vendor-advisoryx_refsource_AIXAPAR
	http://www-01.ibm.com/support/docview.wss?uid=swg…	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg…	vendor-advisoryx_refsource_AIXAPAR

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:15:10.659Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "IT17012",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT17012"
          },
          {
            "name": "IT16921",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT16921"
          },
          {
            "name": "1036837",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1036837"
          },
          {
            "name": "93012",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93012"
          },
          {
            "name": "IT17010",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT17010"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21990061"
          },
          {
            "name": "IT17011",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT17011"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-09-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Untrusted search path vulnerability in IBM DB2 9.7 through FP11, 10.1 through FP5, 10.5 before FP8, and 11.1 GA on Linux, AIX, and HP-UX allows local users to gain privileges via a Trojan horse library that is accessed by a setuid or setgid program."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-29T09:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "IT17012",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT17012"
        },
        {
          "name": "IT16921",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT16921"
        },
        {
          "name": "1036837",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1036837"
        },
        {
          "name": "93012",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93012"
        },
        {
          "name": "IT17010",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT17010"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21990061"
        },
        {
          "name": "IT17011",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT17011"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2016-5995",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Untrusted search path vulnerability in IBM DB2 9.7 through FP11, 10.1 through FP5, 10.5 before FP8, and 11.1 GA on Linux, AIX, and HP-UX allows local users to gain privileges via a Trojan horse library that is accessed by a setuid or setgid program."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "IT17012",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT17012"
            },
            {
              "name": "IT16921",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT16921"
            },
            {
              "name": "1036837",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1036837"
            },
            {
              "name": "93012",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93012"
            },
            {
              "name": "IT17010",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT17010"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21990061",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21990061"
            },
            {
              "name": "IT17011",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT17011"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2016-5995",
    "datePublished": "2016-10-01T01:00:00",
    "dateReserved": "2016-06-29T00:00:00",
    "dateUpdated": "2024-08-06T01:15:10.659Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Search criteria

51 vulnerabilities found for db2_connect by ibm

CVE-2017-1451 (GCVE-0-2017-1451)

CVE-2017-1452 (GCVE-0-2017-1452)

CVE-2017-1434 (GCVE-0-2017-1434)

CVE-2017-1520 (GCVE-0-2017-1520)

CVE-2017-1439 (GCVE-0-2017-1439)

CVE-2017-1438 (GCVE-0-2017-1438)

CVE-2017-1519 (GCVE-0-2017-1519)

CVE-2017-1297 (GCVE-0-2017-1297)

CVE-2017-1105 (GCVE-0-2017-1105)

CVE-2016-5995 (GCVE-0-2016-5995)

CVE-2017-1451 (GCVE-0-2017-1451)

CVE-2017-1452 (GCVE-0-2017-1452)

CVE-2017-1434 (GCVE-0-2017-1434)

CVE-2017-1520 (GCVE-0-2017-1520)

CVE-2017-1439 (GCVE-0-2017-1439)

CVE-2017-1438 (GCVE-0-2017-1438)

CVE-2017-1519 (GCVE-0-2017-1519)

CVE-2017-1297 (GCVE-0-2017-1297)

CVE-2017-1105 (GCVE-0-2017-1105)

CVE-2016-5995 (GCVE-0-2016-5995)