CVE-2021-38931

Summary

IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1, and 11.5 is vulnerable to an information disclosure as a result of a connected user having indirect read access to a table where they are not authorized to select from. IBM X-Force ID: 210418.

Affected Software

VendorProductVersion RangeStatus
IBMDB2 for Linux, UNIX and Windows11.1affected
IBMDB2 for Linux, UNIX and Windows11.5affected

Weaknesses

  • Obtain Information

ADP Enrichment

CVE Program Container

Additional References

References