CVE-2023-29256

Summary

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to an information disclosure due to improper privilege management when certain federation features are used. IBM X-Force ID: 252046.

Affected Software

VendorProductVersion RangeStatus
IBMDb2 for Linux, UNIX and Windows10.5, 11.1 ,11.5affected

Weaknesses

  • 284 Improper Access Control

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References