CVE-2014-6209Improper Input Validation in IBM DB2

CWE-20Improper Input Validation3 documents3 sources
Severity
4.0MEDIUMNVD
EPSS
1.4%
top 19.76%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM DB2
Timeline
PublishedDec 12
Latest updateMay 14

Description

IBM DB2 9.5 through FP10, 9.7 through FP10, 9.8 through FP5, 10.1 through FP4, and 10.5 before FP5 on Linux, UNIX, and Windows allows remote authenticated users to cause a denial of service (daemon crash) by specifying an identity column within a crafted ALTER TABLE statement.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 8.0 | Impact: 2.9

Affected Packages1 packages

NVDibm/db24 versions+3

🔴Vulnerability Details

2
GHSA
GHSA-4793-6p96-fmhq: IBM DB2 92022-05-14
CVEList
CVE-2014-6209: IBM DB2 92014-12-12
CVE-2014-6209 — Improper Input Validation in IBM DB2 | cvebase