Lucene search

K
cve[email protected]CVE-2013-4033
HistoryAug 28, 2013 - 1:13 p.m.

CVE-2013-4033

2013-08-2813:13:58
CWE-264
web.nvd.nist.gov
280
cve-2013-4033
ibm db2
db2 connect
nvd
explain authority
dml statements

6.5 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:S/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

71.0%

IBM DB2 and DB2 Connect 9.7 through FP8, 9.8 through FP5, 10.1 through FP2, and 10.5 through FP1 allow remote authenticated users to execute DML statements by leveraging EXPLAIN authority.

Affected configurations

NVD
Node
ibmdb2Match9.7
OR
ibmdb2Match9.8
OR
ibmdb2Match10.1
OR
ibmdb2Match10.5
OR
ibmdb2_connectMatch9.5
OR
ibmdb2_connectMatch9.7
OR
ibmdb2_connectMatch9.8
OR
ibmdb2_connectMatch10.1
OR
ibmdb2_connectMatch10.5

6.5 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:S/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

71.0%

Related for CVE-2013-4033