Lucene search

[email protected]CVE-2009-3473

HistorySep 29, 2009 - 9:30 p.m.

CVE-2009-3473

2009-09-2921:30:00

[email protected]

web.nvd.nist.gov

ibm

db2

9.1

fp8

vulnerability

nvd

cve-2009-3473

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.5 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.5%

JSON

IBM DB2 9.1 before FP8 does not require the SETSESSIONUSER privilege for the SET SESSION AUTHORIZATION statement, which has unspecified impact and remote attack vectors.

Affected configurations

NVD

Node

ibmdb2Match9.1fp1

ibmdb2Match9.1fp2

ibmdb2Match9.1fp3

ibmdb2Match9.1fp4

ibmdb2Match9.1fp5

ibmdb2Match9.1fp6

ibmdb2Match9.1fp7

CPENameOperatorVersion
ibm:db2ibm db2eq9.1

CPE	Name	Operator	Version
ibm:db2	ibm db2	eq	9.1

References

osvdb.org/58479

secunia.com/advisories/36890

www-01.ibm.com/support/docview.wss?uid=swg1IZ55883

www-01.ibm.com/support/docview.wss?uid=swg21403619

www.securityfocus.com/bid/36540

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.5 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.5%

JSON

Related for CVE-2009-3473

prion1 openvas4 nvd1 cvelist1 nessus1