CVE-2009-3472
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
5.9 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
69.8%
IBM DB2 8 before FP18, 9.1 before FP8, and 9.5 before FP4 allows remote authenticated users to bypass intended access restrictions, and update, insert, or delete table rows, via unspecified vectors.
Affected configurations
References
osvdb.org/58478
secunia.com/advisories/36890
www-01.ibm.com/support/docview.wss?uid=swg1IZ50074
www-01.ibm.com/support/docview.wss?uid=swg1IZ50078
www-01.ibm.com/support/docview.wss?uid=swg1IZ50079
www-01.ibm.com/support/docview.wss?uid=swg21386689
www-01.ibm.com/support/docview.wss?uid=swg21403619
www.securityfocus.com/bid/36540
Related
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
5.9 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
69.8%