CVE-2023-29256
5.3
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to an information disclosure due to improper privilege management when certain federation features are used. IBM X-Force ID: 252046.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| IBM | Db2 for Linux, UNIX and Windows | 10.5, 11.1 ,11.5 | affected |
Weaknesses
- 284 Improper Access Control
ADP Enrichment
CVE Program Container
Additional References
- https://www.ibm.com/support/pages/node/7010573
- https://exchange.xforce.ibmcloud.com/vulnerabilities/252046
- https://security.netapp.com/advisory/ntap-20230731-0007/
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://www.ibm.com/support/pages/node/7010573
- https://exchange.xforce.ibmcloud.com/vulnerabilities/252046
- https://security.netapp.com/advisory/ntap-20230731-0007/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.