Lucene search

[email protected]CVE-2005-4738

HistoryOct 03, 2022 - 4:22 p.m.

CVE-2005-4738

2022-10-0316:22:45

[email protected]

web.nvd.nist.gov

ibm

db2

udb

security

vulnerability

cve-2005-4738

aix

ese

remote authentication

privilege escalation

6.9 Medium

AI Score

Confidence

Low

6.5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

73.3%

JSON

IBM DB2 Universal Database (UDB) 810 before ESE AIX 5765F4100 does not ensure that a user has execute privileges before permitting object creation based on routines, which allows remote authenticated users to gain privileges.

Affected configurations

NVD

Node

ibmdb2_universal_databaseMatch8.0linux

ibmdb2_universal_databaseMatch8.1aix

ibmdb2_universal_databaseMatch8.1.4

ibmdb2_universal_databaseMatch8.1.5

ibmdb2_universal_databaseMatch8.1.6

ibmdb2_universal_databaseMatch8.1.6c

ibmdb2_universal_databaseMatch8.1.7

ibmdb2_universal_databaseMatch8.1.7b

ibmdb2_universal_databaseMatch8.1.8

ibmdb2_universal_databaseMatch8.1.8a

ibmdb2_universal_databaseMatch8.1.9

ibmdb2_universal_databaseMatch8.1.9a

CPENameOperatorVersion
ibm:db2_universal_databaseibm db2 universal databaseeq8.0
ibm:db2_universal_databaseibm db2 universal databaseeq8.1
ibm:db2_universal_databaseibm db2 universal databaseeq8.1.4
ibm:db2_universal_databaseibm db2 universal databaseeq8.1.5
ibm:db2_universal_databaseibm db2 universal databaseeq8.1.6
ibm:db2_universal_databaseibm db2 universal databaseeq8.1.6c
ibm:db2_universal_databaseibm db2 universal databaseeq8.1.7
ibm:db2_universal_databaseibm db2 universal databaseeq8.1.7b
ibm:db2_universal_databaseibm db2 universal databaseeq8.1.8
ibm:db2_universal_databaseibm db2 universal databaseeq8.1.8a

CPE	Name	Operator	Version
ibm:db2_universal_database	ibm db2 universal database	eq	8.0
ibm:db2_universal_database	ibm db2 universal database	eq	8.1
ibm:db2_universal_database	ibm db2 universal database	eq	8.1.4
ibm:db2_universal_database	ibm db2 universal database	eq	8.1.5
ibm:db2_universal_database	ibm db2 universal database	eq	8.1.6
ibm:db2_universal_database	ibm db2 universal database	eq	8.1.6c
ibm:db2_universal_database	ibm db2 universal database	eq	8.1.7
ibm:db2_universal_database	ibm db2 universal database	eq	8.1.7b
ibm:db2_universal_database	ibm db2 universal database	eq	8.1.8
ibm:db2_universal_database	ibm db2 universal database	eq	8.1.8a

Rows per page:

1-10 of 121

References

secunia.com/advisories/17031

www-1.ibm.com/support/docview.wss?uid=swg1IY71865

www.securityfocus.com/bid/15126

6.9 Medium

AI Score

Confidence

Low

6.5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

73.3%

JSON

Related for CVE-2005-4738

nvd1 cvelist1