CVE-2017-1519Improper Input Validation in IBM DB2 Connect

CWE-20Improper Input Validation3 documents3 sources
Severity
5.9MEDIUMNVD
EPSS
1.5%
top 18.75%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM DB2IBM DB2 Connect
Timeline
PublishedSep 12
Latest updateMay 17

Description

IBM DB2 10.5 and 11.1 contains a denial of service vulnerability. A remote user can cause disruption of service for DB2 Connect Server setup with a particular configuration. IBM X-Force ID: 129829.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.2 | Impact: 3.6

Affected Packages2 packages

NVDibm/db2_connect9 versions+8
NVDibm/db29 versions+8

Patches

Patch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-crxc-g775-mwg5: IBM DB2 102022-05-17
CVEList
CVE-2017-1519: IBM DB2 102017-09-12
CVE-2017-1519 — Improper Input Validation in IBM | cvebase