CVE-2025-27898
published 2026-02-17CVE-2025-27898: IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 does not invalidate session after a timeout which could allow an authenticated user to impersonate another…
medium6.3CVSS 3.1
AVNACLPRLUINSUCLILAL
IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 does not invalidate session after a timeout which could allow an authenticated user to impersonate another user on the system.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | db2_recovery_expert | — | — |
| ibm | db2_recovery_expert_for_luw | — | — |