Severity
6.5MEDIUM
EPSS
0.0%
top 93.70%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJan 30
Latest updateJan 31
Description
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow a user to cause a denial of service due to improper neutralization of special elements in data query logic.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6
Affected Packages1 packages
Patches
🔴Vulnerability Details
3📋Vendor Advisories
1Microsoft▶
An issue was discovered in Arm Mbed TLS before 2.24.0. An attacker can recover a private key (for RSA or static Diffie-Hellman) via a side-channel attack against generation of base blinding/unblinding↗2021-07-13