IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to an information disclosure due to improper privilege management when certain federation features are used. IBM X-Force ID: 252046.
References
Link | Resource |
---|---|
https://exchange.xforce.ibmcloud.com/vulnerabilities/252046 | VDB Entry Vendor Advisory |
https://security.netapp.com/advisory/ntap-20230731-0007/ | |
https://www.ibm.com/support/pages/node/7010573 | Vendor Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/252046 | VDB Entry Vendor Advisory |
https://security.netapp.com/advisory/ntap-20230731-0007/ | |
https://www.ibm.com/support/pages/node/7010573 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 07:56
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.3 |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/252046 - VDB Entry, Vendor Advisory | |
References | () https://security.netapp.com/advisory/ntap-20230731-0007/ - | |
References | () https://www.ibm.com/support/pages/node/7010573 - Vendor Advisory |
31 Jul 2023, 19:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
13 Jul 2023, 19:06
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://www.ibm.com/support/pages/node/7010573 - Vendor Advisory | |
References | (MISC) https://exchange.xforce.ibmcloud.com/vulnerabilities/252046 - VDB Entry, Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
CPE | cpe:2.3:o:hp:hp-ux:-:*:*:*:*:*:*:* cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:*:* cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:* cpe:2.3:a:ibm:db2:10.5.0.11:*:*:*:*:*:*:* cpe:2.3:a:ibm:db2:11.1.4.7:*:*:*:*:*:*:* cpe:2.3:a:ibm:db2:11.5:*:*:*:*:-:*:* cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
|
CWE | CWE-269 |
10 Jul 2023, 16:27
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-07-10 16:15
Updated : 2024-11-21 07:56
NVD link : CVE-2023-29256
Mitre link : CVE-2023-29256
CVE.ORG link : CVE-2023-29256
JSON object : View
Products Affected
microsoft
- windows
ibm
- db2
- aix
hp
- hp-ux
oracle
- solaris
linux
- linux_kernel
CWE
CWE-269
Improper Privilege Management