Lucene search

[email protected]CVE-2011-1847

HistoryMay 03, 2011 - 8:55 p.m.

CVE-2011-1847

2011-05-0320:55:00

CWE-264

[email protected]

web.nvd.nist.gov

ibm

db2

linux

unix

windows

privilege requirements

table access

sysstat.tables

statistics

columns

remote users

authenticated

vulnerability

8.9 High

AI Score

Confidence

High

4.9 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:P/A:P

0.004 Low

EPSS

Percentile

72.2%

JSON

IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows does not properly enforce privilege requirements for table access, which allows remote authenticated users to modify SYSSTAT.TABLES statistics columns via an UPDATE statement. NOTE: some of these details are obtained from third party information.

CPENameOperatorVersion
ibm:db2ibm db2eq9.5
ibm:db2ibm db2eq9.7

CPE	Name	Operator	Version
ibm:db2	ibm db2	eq	9.5
ibm:db2	ibm db2	eq	9.7

References

secunia.com/advisories/44229

www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC71413

www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC72119

www-01.ibm.com/support/docview.wss?uid=swg1IC71413

www-01.ibm.com/support/docview.wss?uid=swg1IC72119

www.securityfocus.com/bid/47525

www.vupen.com/english/advisories/2011/1083

exchange.xforce.ibmcloud.com/vulnerabilities/66979

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14122

8.9 High

AI Score

Confidence

High

4.9 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:P/A:P

0.004 Low

EPSS

Percentile

72.2%

JSON

Related for CVE-2011-1847

prion1 cvelist1 openvas2 nessus2 ibm2