Lucene search

[email protected]CVE-2014-8901

HistoryDec 18, 2014 - 4:59 p.m.

CVE-2014-8901

2014-12-1816:59:00

CWE-399

[email protected]

web.nvd.nist.gov

ibm

db2

fp10

security

vulnerability

xml

denial of service

cve-2014-8901

6.2 Medium

AI Score

Confidence

Low

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

0.009 Low

EPSS

Percentile

82.3%

JSON

IBM DB2 9.5 through FP10, 9.7 through FP10, 9.8 through FP5, 10.1 through FP4, and 10.5 before FP5 allows remote authenticated users to cause a denial of service (CPU consumption) via a crafted XML query.

CPENameOperatorVersion
ibm:db2ibm db2eq9.5
ibm:db2ibm db2eq10.1
ibm:db2ibm db2eq9.7
ibm:db2ibm db2eq10.5
ibm:db2ibm db2eq9.8

CPE	Name	Operator	Version
ibm:db2	ibm db2	eq	9.5
ibm:db2	ibm db2	eq	10.1
ibm:db2	ibm db2	eq	9.7
ibm:db2	ibm db2	eq	10.5
ibm:db2	ibm db2	eq	9.8

References

www-01.ibm.com/support/docview.wss?uid=swg1IT05933

www-01.ibm.com/support/docview.wss?uid=swg1IT05936

www-01.ibm.com/support/docview.wss?uid=swg1IT05937

www-01.ibm.com/support/docview.wss?uid=swg1IT05938

www-01.ibm.com/support/docview.wss?uid=swg1IT05939

www-01.ibm.com/support/docview.wss?uid=swg21692358

www.securityfocus.com/bid/71734

exchange.xforce.ibmcloud.com/vulnerabilities/99110

6.2 Medium

AI Score

Confidence

Low

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

0.009 Low

EPSS

Percentile

82.3%

JSON

Related for CVE-2014-8901

ibm4 prion1 openvas1 nessus4