IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
References
Link | Resource |
---|---|
https://exchange.xforce.ibmcloud.com/vulnerabilities/213217 | VDB Entry Vendor Advisory |
https://security.netapp.com/advisory/ntap-20220114-0002/ | Third Party Advisory |
https://www.ibm.com/support/pages/node/6523802 | Vendor Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/213217 | VDB Entry Vendor Advisory |
https://security.netapp.com/advisory/ntap-20220114-0002/ | Third Party Advisory |
https://www.ibm.com/support/pages/node/6523802 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
|
History
21 Nov 2024, 06:18
Type | Values Removed | Values Added |
---|---|---|
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/213217 - VDB Entry, Vendor Advisory | |
References | () https://security.netapp.com/advisory/ntap-20220114-0002/ - Third Party Advisory | |
References | () https://www.ibm.com/support/pages/node/6523802 - Vendor Advisory |
21 Jan 2022, 14:47
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:* | |
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20220114-0002/ - Third Party Advisory |
14 Jan 2022, 07:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
14 Dec 2021, 19:14
Type | Values Removed | Values Added |
---|---|---|
References | (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/213217 - VDB Entry, Vendor Advisory | |
References | (CONFIRM) https://www.ibm.com/support/pages/node/6523802 - Vendor Advisory | |
CWE | CWE-327 | |
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 7.5 |
CPE | cpe:2.3:a:ibm:db2:10.1:*:*:*:*:-:*:* cpe:2.3:a:ibm:db2:11.1:*:*:*:*:*:*:* cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:* cpe:2.3:o:hp:hp-ux:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* cpe:2.3:a:ibm:db2:9.7:*:*:*:*:*:*:* cpe:2.3:a:ibm:db2:11.5:*:*:*:*:-:*:* cpe:2.3:a:ibm:db2:10.5:-:*:*:*:*:*:* cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:-:* cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* |
09 Dec 2021, 18:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-12-09 17:15
Updated : 2024-11-21 06:18
NVD link : CVE-2021-39002
Mitre link : CVE-2021-39002
CVE.ORG link : CVE-2021-39002
JSON object : View
Products Affected
microsoft
- windows
ibm
- db2
- aix
netapp
- oncommand_insight
hp
- hp-ux
oracle
- solaris
linux
- linux_kernel
CWE
CWE-327
Use of a Broken or Risky Cryptographic Algorithm