CVE-2008-3856

CWE-2643 documents3 sources
Severity
7.5HIGH
EPSS
0.8%
top 25.40%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM DB2 Universal Database
Timeline
PublishedAug 28
Latest updateMay 3

Description

The routine infrastructure component in IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP1 on Unix and Linux does not change the ownership of the db2fmp process, which has unknown impact and attack vectors.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

Patches

Patch: www-01.ibm.comPatch: www-1.ibm.comPatch: www-1.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-g8fv-c9gr-q25c: The routine infrastructure component in IBM DB2 8 before FP17, 92022-05-03
CVEList
CVE-2008-3856: The routine infrastructure component in IBM DB2 8 before FP17, 92008-08-28
CVE-2008-3856 (HIGH CVSS 7.5) | The routine infrastructure componen | cvebase.io