8.4 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.4 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
34.8%
IBM Db2 is shipped as a component of IBM Security Key Lifecycle Manager (SKLM/GKLM). Information about multiple security vulnerabilities affecting IBM Db2 has been published in a security bulletin.
Refer to the security bulletin(s) listed in the Remediation/Fixes section
Affected Product(s) | Version(s) |
---|---|
IBM Security Guardium Key Lifecycle Manager | 3.0, 3.0.1, 4.0, 4.1, 4.1.1, 4.2, 4.2.1 |
Principal Product and Version(s)
| Affected Supporting Product and Version
—|—
IBM Security Key Lifecycle Manager (SKLM) v3.0| IBM Db2 11.1.2.2
IBM Security Key Lifecycle Manager (SKLM) v3.0.1| IBM Db2 11.1.2.2
IBM Security Key Lifecycle Manager (SKLM) v4.0| IBM Db2 11.1.4.4
IBM Security Guardium Key Lifecycle Manager (GKLM) v4.1| IBM Db2 11.5.4
IBM Security Guardium Key Lifecycle Manager (GKLM) v4.1.1| IBM Db2 11.5.8
IBM Security Guardium Key Lifecycle Manager (GKLM) v4.2| IBM Db2 11.5.8
IBM Security Guardium Key Lifecycle Manager (GKLM) v4.2.1| IBM Db2 11.5.9
IBM encourages customers to update their systems promptly.
Principal Product and Version(s) | Remediation/ Fixes |
---|---|
IBM Security Key Lifecycle Manager (SKLM) v3.0 | <https://www.ibm.com/support/pages/node/7105496> |
IBM Security Key Lifecycle Manager (SKLM) v3.0.1 | |
IBM Security Key Lifecycle Manager (SKLM) v4.0 | |
IBM Security Key Lifecycle Manager (SKLM) v4.1 | |
IBM Security Key Lifecycle Manager (SKLM) v4.1.1 | |
IBM Security Key Lifecycle Manager (SKLM) v4.2 | |
IBM Security Key Lifecycle Manager (SKLM) v4.2.1 |
Please consult following security bulletins from IBM Db2 for more detail:
IBM® Db2® is vulnerable to denial of service with a specially crafted query (CVE-2023-47158)
Principal Product and Version(s) | Remediation/ Fixes |
---|---|
IBM Security Key Lifecycle Manager (SKLM) v3.0 | <https://www.ibm.com/support/pages/node/7105500> |
IBM Security Key Lifecycle Manager (SKLM) v3.0.1 | |
IBM Security Key Lifecycle Manager (SKLM) v4.0 | |
IBM Security Key Lifecycle Manager (SKLM) v4.1 | |
IBM Security Key Lifecycle Manager (SKLM) v4.1.1 | |
IBM Security Key Lifecycle Manager (SKLM) v4.2 | |
IBM Security Key Lifecycle Manager (SKLM) v4.2.1 |
Please consult following security bulletins from IBM Db2 for more detail:
Principal Product and Version(s) | Remediation/ Fixes |
---|---|
IBM Security Key Lifecycle Manager (SKLM) v3.0 | <https://www.ibm.com/support/pages/node/7105502> |
IBM Security Key Lifecycle Manager (SKLM) v3.0.1 | |
IBM Security Key Lifecycle Manager (SKLM) v4.0 | |
IBM Security Key Lifecycle Manager (SKLM) v4.1 | |
IBM Security Key Lifecycle Manager (SKLM) v4.1.1 | |
IBM Security Key Lifecycle Manager (SKLM) v4.2 | |
IBM Security Key Lifecycle Manager (SKLM) v4.2.1 |
Please consult following security bulletins from IBM Db2 for more detail:
IBM® Db2® is vulnerable to a denial of service when using a specially crafted query (CVE-2023-47747)
Principal Product and Version(s) | Remediation/ Fixes |
---|---|
IBM Security Key Lifecycle Manager (SKLM) v3.0 | <https://www.ibm.com/support/pages/node/7105503> |
IBM Security Key Lifecycle Manager (SKLM) v3.0.1 | |
IBM Security Key Lifecycle Manager (SKLM) v4.0 | |
IBM Security Key Lifecycle Manager (SKLM) v4.1 | |
IBM Security Key Lifecycle Manager (SKLM) v4.1.1 | |
IBM Security Key Lifecycle Manager (SKLM) v4.2 | |
IBM Security Key Lifecycle Manager (SKLM) v4.2.1 |
Please consult following security bulletins from IBM Db2 for more detail:
Principal Product and Version(s) | Remediation/ Fixes |
---|---|
IBM Security Key Lifecycle Manager (SKLM) v3.0 | <https://www.ibm.com/support/pages/node/7105505> |
IBM Security Key Lifecycle Manager (SKLM) v3.0.1
IBM Security Key Lifecycle Manager (SKLM) v4.0
IBM Security Key Lifecycle Manager (SKLM) v4.1
IBM Security Key Lifecycle Manager (SKLM) v4.1.1
IBM Security Key Lifecycle Manager (SKLM) v4.2
IBM Security Key Lifecycle Manager (SKLM) v4.2.1
Please consult following security bulletins from IBM Db2 for more detail:
Principal Product and Version(s) | Remediation/ Fixes |
---|---|
IBM Security Key Lifecycle Manager (SKLM) v3.0 | <https://www.ibm.com/support/pages/node/7105605> |
IBM Security Key Lifecycle Manager (SKLM) v3.0.1 | |
IBM Security Key Lifecycle Manager (SKLM) v4.0 | |
IBM Security Key Lifecycle Manager (SKLM) v4.1 | |
IBM Security Key Lifecycle Manager (SKLM) v4.1.1 | |
IBM Security Key Lifecycle Manager (SKLM) v4.2 | |
IBM Security Key Lifecycle Manager (SKLM) v4.2.1 |
Please consult following security bulletins from IBM Db2 for more detail:
Principal Product and Version(s) | Remediation/ Fixes |
---|---|
IBM Security Key Lifecycle Manager (SKLM) v3.0 | <https://www.ibm.com/support/pages/node/7105497> |
IBM Security Key Lifecycle Manager (SKLM) v3.0.1 | |
IBM Security Key Lifecycle Manager (SKLM) v4.0 | |
IBM Security Key Lifecycle Manager (SKLM) v4.1 | |
IBM Security Key Lifecycle Manager (SKLM) v4.1.1 | |
IBM Security Key Lifecycle Manager (SKLM) v4.2 | |
IBM Security Key Lifecycle Manager (SKLM) v4.2.1 |
Please consult following security bulletins from IBM Db2 for more detail:
IBM® Db2® is vulnerable to denial of service with a specially crafted query (CVE-2023-47141)
Principal Product and Version(s) | Remediation/ Fixes |
---|---|
IBM Security Key Lifecycle Manager (SKLM) v3.0 | <https://www.ibm.com/support/pages/node/7105499> |
IBM Security Key Lifecycle Manager (SKLM) v3.0.1 | |
IBM Security Key Lifecycle Manager (SKLM) v4.0 | |
IBM Security Key Lifecycle Manager (SKLM) v4.1 | |
IBM Security Key Lifecycle Manager (SKLM) v4.1.1 | |
IBM Security Key Lifecycle Manager (SKLM) v4.2 | |
IBM Security Key Lifecycle Manager (SKLM) v4.2.1 |
Please consult following security bulletins from IBM Db2 for more detail:
Principal Product and Version(s) | Remediation/ Fixes |
---|---|
IBM Security Key Lifecycle Manager (SKLM) v3.0 | <https://www.ibm.com/support/pages/node/7105501> |
IBM Security Key Lifecycle Manager (SKLM) v3.0.1 | |
IBM Security Key Lifecycle Manager (SKLM) v4.0 | |
IBM Security Key Lifecycle Manager (SKLM) v4.1 | |
IBM Security Key Lifecycle Manager (SKLM) v4.1.1 | |
IBM Security Key Lifecycle Manager (SKLM) v4.2 | |
IBM Security Key Lifecycle Manager (SKLM) v4.2.1 |
Please consult following security bulletins from IBM Db2 for more detail:
Principal Product and Version(s) | Remediation/ Fixes |
---|---|
IBM Security Key Lifecycle Manager (SKLM) v3.0 | <https://www.ibm.com/support/pages/node/7105506> |
IBM Security Key Lifecycle Manager (SKLM) v3.0.1 | |
IBM Security Key Lifecycle Manager (SKLM) v4.0 | |
IBM Security Key Lifecycle Manager (SKLM) v4.1 | |
IBM Security Key Lifecycle Manager (SKLM) v4.1.1 | |
IBM Security Key Lifecycle Manager (SKLM) v4.2 | |
IBM Security Key Lifecycle Manager (SKLM) v4.2.1 |
Please consult following security bulletins from IBM Db2 for more detail:
None
8.4 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.4 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
34.8%