8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
52.3%
There are multiple vulnerabilities in IBM® DB2 used by IBM Operations Analytics Predictive Insights 1.3.6 and earlier. IBM Operations Analytics Predictive Insights has addressed the applicable CVEs (CVE-2023-30447, CVE-2023-30446, CVE-2023-30443, CVE-2023-30448, CVE-2023-30445, CVE-2023-30449, CVE-2023-23487, CVE-2023-30431, CVE-2023-27869, CVE-2023-27867, CVE-2023-27868, CVE-2023-30442, CVE-2023-29256, CVE-2023-27558, CVE-2023-35012)
Refer to the security bulletin(s) listed in the Remediation/Fixes section
Affected Product(s) | Version(s) |
---|---|
IBM Operations Analytics Predictive Insights | 1.3.5 |
IBM Operations Analytics Predictive Insights | 1.3.6 |
Please apply the security bulletin: IBM® Db2® has multiple denial of service vulnerabilities with a specially crafted query
Please apply the security bulletin: IBM® Db2® JDBC driver is vulnerable to remote code execution
Please apply the security bulletin: IBM® Db2® db2set is vulnerable to arbitrary code execution
Please apply the security bulletin: IBM® Db2® is vulnerable to insufficient audit logging
Please apply the security bulletin: IBM® Db2® with Federated configuration is vulnerable to arbitrary code execution
Please apply the security bulletin: IBM® Db2® is vulnerable to information disclosure due to improper privilege management
Please apply the security bulletin: IBM® Db2® federated server is vulnerable to a denial of service when using a specially crafted wrapper
Please apply the security bulletin: IBM® Db2® on Windows is vulnerable to privilege escalation ( if DB2 is deployed on Windows )
None
CPE | Name | Operator | Version |
---|---|---|---|
ibm operations analytics - predictive insights | eq | 1.3.6 |
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
52.3%