IbmCVELIST:CVE-2024-31881CVE-2024-31881 IBM Db2 denial of service
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
0.0004 Low
EPSS
Percentile
9.1%
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may crash when using a specially crafted query on certain columnar tables by an authenticated user. IBM X-Force ID: 287613.
CNA Affected
[
{
"cpes": [
"cpe:2.3:a:ibm:db2:10.5:*:*:*:*:linux:*:*",
"cpe:2.3:a:ibm:db2:10.5:*:*:*:*:unix:*:*",
"cpe:2.3:a:ibm:db2:10.5:*:*:*:*:aix:*:*",
"cpe:2.3:a:ibm:db2:10.5:*:*:*:*:hp-ux:*:*",
"cpe:2.3:a:ibm:db2:10.5:*:*:*:*:windows:*:*",
"cpe:2.3:a:ibm:db2:11.1:*:*:*:*:linux:*:*",
"cpe:2.3:a:ibm:db2:11.1:*:*:*:*:unix:*:*",
"cpe:2.3:a:ibm:db2:11.1:*:*:*:*:aix:*:*",
"cpe:2.3:a:ibm:db2:11.1:*:*:*:*:hp-ux:*:*",
"cpe:2.3:a:ibm:db2:11.1:*:*:*:*:windows:*:*",
"cpe:2.3:a:ibm:db2:11.5:*:*:*:*:linux:*:*",
"cpe:2.3:a:ibm:db2:11.5:*:*:*:*:unix:*:*",
"cpe:2.3:a:ibm:db2:11.5:*:*:*:*:aix:*:*",
"cpe:2.3:a:ibm:db2:11.5:*:*:*:*:hp-ux:*:*",
"cpe:2.3:a:ibm:db2:11.5:*:*:*:*:windows:*:*"
],
"defaultStatus": "unaffected",
"product": "Db2 for Linux, UNIX and Windows",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "10.5, 11.1, 11.5"
}
]
}
]Related
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
0.0004 Low
EPSS
Percentile
9.1%