CVE-2011-1847IBM DB2 vulnerability

CWE-2643 documents3 sources
Severity
4.9MEDIUMNVD
EPSS
1.2%
top 20.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM DB2
Timeline
PublishedMay 3
Latest updateMay 17

Description

IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows does not properly enforce privilege requirements for table access, which allows remote authenticated users to modify SYSSTAT.TABLES statistics columns via an UPDATE statement. NOTE: some of these details are obtained from third party information.

CVSS vector

AV:N/AC:M/C:N/I:P/A:PExploitability: 6.8 | Impact: 4.9

Affected Packages1 packages

NVDibm/db29.5+3

🔴Vulnerability Details

2
GHSA
GHSA-r6pw-rf9m-9v7g: IBM DB2 92022-05-17
CVEList
CVE-2011-1847: IBM DB2 92011-05-03
CVE-2011-1847 — IBM DB2 vulnerability | cvebase