Lucene search

[email protected]CVE-2024-25046

HistoryApr 03, 2024 - 1:16 p.m.

CVE-2024-25046

2024-04-0313:16:01

CWE-20

[email protected]

web.nvd.nist.gov

organization individual nvd

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

6.5 Medium

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:H/Au:S/C:N/I:N/A:P

0.0004 Low

EPSS

Percentile

8.6%

JSON

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to a denial of service by an authenticated user using a specially crafted query. IBM X-Force ID: 282953.

VendorProductVersionCPE
ibmdb211.1cpe:2.3:a:ibm:db2:11.1:*:*:*:*:*:*:*
ibmdb211.5cpe:2.3:a:ibm:db2:11.5:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	db2	11.1	cpe:2.3:a:ibm:db2:11.1:::::::*
ibm	db2	11.5	cpe:2.3:a:ibm:db2:11.5:::::::*

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/282953

www.ibm.com/support/pages/node/7145726

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

6.5 Medium

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:H/Au:S/C:N/I:N/A:P

0.0004 Low

EPSS

Percentile

8.6%

JSON

Related for CVE-2024-25046

cvelist1 ibm6