Lucene search
HistoryOct 03, 2022 - 4:22 p.m.
CVE-2005-4738
ibm
db2
udb
security
vulnerability
cve-2005-4738
aix
ese
remote authentication
privilege escalation
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
6.9 Medium
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
73.4%
IBM DB2 Universal Database (UDB) 810 before ESE AIX 5765F4100 does not ensure that a user has execute privileges before permitting object creation based on routines, which allows remote authenticated users to gain privileges.
Affected configurations
Node
ibmdb2_universal_databaseMatch8.0linux
ORibmdb2_universal_databaseMatch8.1aix
ORibmdb2_universal_databaseMatch8.1.4
ORibmdb2_universal_databaseMatch8.1.5
ORibmdb2_universal_databaseMatch8.1.6
ORibmdb2_universal_databaseMatch8.1.6c
ORibmdb2_universal_databaseMatch8.1.7
ORibmdb2_universal_databaseMatch8.1.7b
ORibmdb2_universal_databaseMatch8.1.8
ORibmdb2_universal_databaseMatch8.1.8a
ORibmdb2_universal_databaseMatch8.1.9
ORibmdb2_universal_databaseMatch8.1.9a
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
6.9 Medium
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
73.4%
Related for CVE-2005-4738