CVE-2013-6717

3 documents3 sources

Severity

4.0MEDIUM

EPSS

1.7%

top 17.48%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM DB2 IBM DB2 Connect

Timeline

PublishedDec 19

Latest updateMay 14

Description

The OLAP query engine in IBM DB2 and DB2 Connect 9.7 through FP9, 9.8 through FP5, 10.1 through FP3, and 10.5 through FP2, and the DB2 pureScale Feature 9.8 for Enterprise Server Edition, allows remote authenticated users to cause a denial of service (database outage and deactivation) via unspecified vectors.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 8.0 | Impact: 2.9

Affected Packages2 packages

▶NVDibm/db2_connect21 versions+20

▶NVDibm/db221 versions+20

🔴Vulnerability Details

GHSA

GHSA-fp94-42gv-p934: The OLAP query engine in IBM DB2 and DB2 Connect 9↗2022-05-14

▶

CVEList

CVE-2013-6717: The OLAP query engine in IBM DB2 and DB2 Connect 9↗2013-12-19

▶