CVE-2010-3739
published 2010-10-05CVE-2010-3739: The audit facility in the Security component in IBM DB2 UDB 9.5 before FP6a uses instance-level audit settings to capture connection (aka CONNECT and…
medium6.4CVSS 3.1
AVNACLAuNCPIPAN
The audit facility in the Security component in IBM DB2 UDB 9.5 before FP6a uses instance-level audit settings to capture connection (aka CONNECT and AUTHENTICATION) events in certain circumstances in which database-level audit settings were intended, which might make it easier for remote attackers to connect without discovery.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | db2_universal_database | <= 9.5 | — |
| ibm | db2_universal_database | — | — |