CVE-2016-0211

CWE-20Improper Input Validation4 documents4 sources
Severity
4.3MEDIUM
EPSS
1.5%
top 18.59%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM DB2IBM DB2 Connect
Timeline
PublishedApr 28
Latest updateMay 17

Description

IBM DB2 9.7 through FP11, 9.8, 10.1 through FP5, and 10.5 through FP7 on Linux, UNIX, and Windows allows remote authenticated users to cause a denial of service (daemon crash) via a crafted DRDA message.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:LExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

NVDibm/db232 versions+31
NVDibm/db2_connect32 versions+31

🔴Vulnerability Details

2
GHSA
GHSA-jmj6-vf89-v2xg: IBM DB2 92022-05-17
CVEList
CVE-2016-0211: IBM DB2 92016-04-28
CVE-2016-0211 (MEDIUM CVSS 4.3) | IBM DB2 9.7 through FP11 | cvebase.io