CVE-2014-0919
4.6 Medium
AI Score
Confidence
High
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
0.002 Low
EPSS
Percentile
57.2%
IBM DB2 9.5 through 10.5 on Linux, UNIX, and Windows stores passwords during the processing of certain SQL statements by the monitoring and audit facilities, which allows remote authenticated users to obtain sensitive information via commands associated with these facilities.
References
www-01.ibm.com/support/docview.wss?uid=swg1IT07397
www-01.ibm.com/support/docview.wss?uid=swg1IT07547
www-01.ibm.com/support/docview.wss?uid=swg1IT07552
www-01.ibm.com/support/docview.wss?uid=swg1IT07553
www-01.ibm.com/support/docview.wss?uid=swg1IT07554
www-01.ibm.com/support/docview.wss?uid=swg21698021
www.securityfocus.com/bid/74217
www.securitytracker.com/id/1032247
Related
4.6 Medium
AI Score
Confidence
High
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
0.002 Low
EPSS
Percentile
57.2%