Lucene search

China National Vulnerability DatabaseCNVD-2022-08972

HistoryDec 10, 2021 - 12:00 a.m.

IBM Db2 Information Disclosure Vulnerability (CNVD-2022-08972)

2021-12-1000:00:00

China National Vulnerability Database

www.cnvd.org.cn

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

JSON

IBM DB2 is a relational database management system from the U.S. IBM Db2 information disclosure vulnerability can be exploited by attackers to obtain sensitive information.

CPENameOperatorVersion
IBM IBM DB2 Veq10.1
IBM IBM DB2 Veq10.5
IBM IBM DB2 Veq11.1
IBM IBM DB2 Veq11.5
IBM IBM DB2 Veq9.7

Name	Operator	Version
IBM IBM DB2 V	eq	10.1
IBM IBM DB2 V	eq	10.5
IBM IBM DB2 V	eq	11.1
IBM IBM DB2 V	eq	11.5
IBM IBM DB2 V	eq	9.7

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

JSON

Related for CNVD-2022-08972