Lucene search

[email protected]CVE-2014-6210

HistoryDec 12, 2014 - 4:59 p.m.

CVE-2014-6210

2014-12-1216:59:00

CWE-20

[email protected]

web.nvd.nist.gov

ibm

db2

version

denial of service

dos

authenticated users

security vulnerability

6.3 Medium

AI Score

Confidence

Low

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

0.084 Low

EPSS

Percentile

94.4%

JSON

IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 through FP4, and 10.5 before FP5 on Linux, UNIX, and Windows allows remote authenticated users to cause a denial of service (daemon crash) by specifying the same column within multiple ALTER TABLE statements.

CPENameOperatorVersion
ibm:db2_connectibm db2 connecteq10.5
ibm:db2_connectibm db2 connecteq10.1
ibm:db2ibm db2eq9.7
ibm:db2ibm db2eq9.8

CPE	Name	Operator	Version
ibm:db2_connect	ibm db2 connect	eq	10.5
ibm:db2_connect	ibm db2 connect	eq	10.1
ibm:db2	ibm db2	eq	9.7
ibm:db2	ibm db2	eq	9.8

References

secunia.com/advisories/62092

www-01.ibm.com/support/docview.wss?uid=swg1IC96934

www-01.ibm.com/support/docview.wss?uid=swg1IT04138

www-01.ibm.com/support/docview.wss?uid=swg1IT05651

www-01.ibm.com/support/docview.wss?uid=swg1IT05652

www-01.ibm.com/support/docview.wss?uid=swg21690891

www-01.ibm.com/support/docview.wss?uid=swg21693197

www.securityfocus.com/bid/71730

www.securitytracker.com/id/1034572

exchange.xforce.ibmcloud.com/vulnerabilities/98685

6.3 Medium

AI Score

Confidence

Low

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

0.084 Low

EPSS

Percentile

94.4%

JSON

Related for CVE-2014-6210

ibm3 prion1 cvelist1 nessus4