CVE-2009-1905
published 2009-06-03CVE-2009-1905: The Common Code Infrastructure component in IBM DB2 8 before FP17, 9.1 before FP7, and 9.5 before FP4, when LDAP security (aka IBMLDAPauthserver) and anonymous…
low2.6CVSS 3.1
AVNACHAuNCPINAN
The Common Code Infrastructure component in IBM DB2 8 before FP17, 9.1 before FP7, and 9.5 before FP4, when LDAP security (aka IBMLDAPauthserver) and anonymous bind are enabled, allows remote attackers to bypass password authentication and establish a database connection via unspecified vectors.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | db2 | <= 8.0 | — |
| ibm | db2 | <= 9.1 | — |
| ibm | db2 | <= 9.5 | — |
| ibm | db2 | — | — |
| ibm | db2 | — | — |