CVE-2019-4101

Summary

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.1, 10.5, and 11.1 is vulnerable to a denial of service. Users that have both EXECUTE on PD_GET_DIAG_HIST and access to the diagnostic directory on the DB2 server can cause the instance to crash. IBM X-Force ID: 158091.

Affected Software

VendorProductVersion RangeStatus
IBMDB2 for Linux, UNIX and Windows10.5affected
IBMDB2 for Linux, UNIX and Windows10.1affected
IBMDB2 for Linux, UNIX and Windows11.1affected

Weaknesses

  • Denial of Service

ADP Enrichment

CVE Program Container

Additional References

References