CVE-2011-4890

CWE-20Improper Input Validation3 documents3 sources
Severity
4.0MEDIUM
EPSS
1.2%
top 21.28%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Soliddb
Timeline
PublishedFeb 21
Latest updateMay 17

Description

The server in IBM solidDB 6.5 before FP9 and 7.0 before FP1 allows remote authenticated users to cause a denial of service (daemon crash) via a SELECT statement with a ROWNUM condition involving a subquery.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 8.0 | Impact: 2.9

Affected Packages1 packages

NVDibm/soliddb6.5.0.8+9

🔴Vulnerability Details

2
GHSA
GHSA-j76m-4qgg-283p: The server in IBM solidDB 62022-05-17
CVEList
CVE-2011-4890: The server in IBM solidDB 62012-02-21
CVE-2011-4890 (MEDIUM CVSS 4) | The server in IBM solidDB 6.5 befor | cvebase.io