CVE-2023-47152
5.9
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to an insecure cryptographic algorithm and to information disclosure in stack trace under exceptional conditions.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| IBM | Db2 for Linux, UNIX and Windows | 11.5 | affected |
Weaknesses
- CWE-209: CWE-209 Generation of Error Message Containing Sensitive Information
ADP Enrichment
CVE Program Container
Additional References
- https://www.ibm.com/support/pages/node/7105605
- https://exchange.xforce.ibmcloud.com/vulnerabilities/270730
- https://security.netapp.com/advisory/ntap-20240307-0001/
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://www.ibm.com/support/pages/node/7105605
- https://security.netapp.com/advisory/ntap-20240307-0001/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.