8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
52.3%
Multiple security vulnerabilities have been identified in IBM Db2 shipped with IBM Security Guardium Key Lifecycle Manager (CVE-2023-35012, CVE-2023-27558, CVE-2023-29256, CVE-2023-30442, CVE-2023-27869, CVE-2023-27867, CVE-2023-27868, CVE-2023-30431, CVE-2023-23487, CVE-2023-30447, CVE-2023-30446, CVE-2023-30443, CVE-2023-30448, CVE-2023-30445, CVE-2023-30449)
Refer to the security bulletin(s) listed in the Remediation/Fixes section
Affected Product(s) | Version(s) |
---|---|
IBM Security Guardium Key Lifecycle Manager | 3.0, 3.0.1, 4.0, 4.1, 4.1.1, 4.2 |
CVE-2023-30443, CVE-2023-30448, CVE-2023-30445, CVE-2023-30449)
Principal Product and Version(s)|** Db2 Version(s)
**|Remediation/ Fixes
—|—|—
IBM Security Key Lifecycle Manager (SKLM) v3.0| IBM Db2 11.1.2.2| Checkout following technote:
<https://www.ibm.com/support/pages/node/7010557>
IBM Security Key Lifecycle Manager (SKLM) v3.0.1| IBM Db2 11.1.2.2
IBM Security Key Lifecycle Manager (SKLM) v4.0| IBM Db2 11.1.4.4
IBM Security Guardium Key Lifecycle Manager (GKLM) v4.1| IBM Db2 11.5.4
IBM Security Guardium Key Lifecycle Manager (GKLM) v4.1.1| IBM Db2 11.5.6
IBM Security Guardium Key Lifecycle Manager (GKLM) v4.2| IBM Db2 11.5.8
Principal Product and Version(s)|** Db2 Version(s)
**|Remediation/ Fixes
—|—|—
IBM Security Key Lifecycle Manager (SKLM) v3.0| IBM Db2 11.1.2.2| Checkout following technote:
<https://www.ibm.com/support/pages/node/7010567>
IBM Security Key Lifecycle Manager (SKLM) v3.0.1| IBM Db2 11.1.2.2
IBM Security Key Lifecycle Manager (SKLM) v4.0| IBM Db2 11.1.4.4
IBM Security Guardium Key Lifecycle Manager (GKLM) v4.1| IBM Db2 11.5.4
IBM Security Guardium Key Lifecycle Manager (GKLM) v4.1.1| IBM Db2 11.5.6
IBM Security Guardium Key Lifecycle Manager (GKLM) v4.2| IBM Db2 11.5.8
Principal Product and Version(s)|** Db2 Version(s)
**|Remediation/ Fixes
—|—|—
IBM Security Key Lifecycle Manager (SKLM) v3.0| IBM Db2 11.1.2.2| Checkout following technote:
<https://www.ibm.com/support/pages/node/7010565>
IBM Security Key Lifecycle Manager (SKLM) v3.0.1| IBM Db2 11.1.2.2
IBM Security Key Lifecycle Manager (SKLM) v4.0| IBM Db2 11.1.4.4
IBM Security Guardium Key Lifecycle Manager (GKLM) v4.1| IBM Db2 11.5.4
IBM Security Guardium Key Lifecycle Manager (GKLM) v4.1.1| IBM Db2 11.5.6
IBM Security Guardium Key Lifecycle Manager (GKLM) v4.2| IBM Db2 11.5.8
Principal Product and Version(s)|** Db2 Version(s)
**|Remediation/ Fixes
—|—|—
IBM Security Key Lifecycle Manager (SKLM) v3.0| IBM Db2 11.1.2.2| Checkout following technote:
<https://www.ibm.com/support/pages/node/7010029>
IBM Security Key Lifecycle Manager (SKLM) v3.0.1| IBM Db2 11.1.2.2
IBM Security Key Lifecycle Manager (SKLM) v4.0| IBM Db2 11.1.4.4
IBM Security Guardium Key Lifecycle Manager (GKLM) v4.1| IBM Db2 11.5.4
IBM Security Guardium Key Lifecycle Manager (GKLM) v4.1.1| IBM Db2 11.5.6
IBM Security Guardium Key Lifecycle Manager (GKLM) v4.2| IBM Db2 11.5.8
Principal Product and Version(s)|** Db2 Version(s)
**|Remediation/ Fixes
—|—|—
IBM Security Key Lifecycle Manager (SKLM) v3.0| IBM Db2 11.1.2.2| Checkout following technote:
<https://www.ibm.com/support/pages/node/7010561>
IBM Security Key Lifecycle Manager (SKLM) v3.0.1| IBM Db2 11.1.2.2
IBM Security Key Lifecycle Manager (SKLM) v4.0| IBM Db2 11.1.4.4
IBM Security Guardium Key Lifecycle Manager (GKLM) v4.1| IBM Db2 11.5.4
IBM Security Guardium Key Lifecycle Manager (GKLM) v4.1.1| IBM Db2 11.5.6
IBM Security Guardium Key Lifecycle Manager (GKLM) v4.2| IBM Db2 11.5.8
Principal Product and Version(s)|** Db2 Version(s)
**|Remediation/ Fixes
—|—|—
IBM Security Key Lifecycle Manager (SKLM) v3.0| IBM Db2 11.1.2.2| Checkout following technote:
<https://www.ibm.com/support/pages/node/7010573>
IBM Security Key Lifecycle Manager (SKLM) v3.0.1| IBM Db2 11.1.2.2
IBM Security Key Lifecycle Manager (SKLM) v4.0| IBM Db2 11.1.4.4
IBM Security Guardium Key Lifecycle Manager (GKLM) v4.1| IBM Db2 11.5.4
IBM Security Guardium Key Lifecycle Manager (GKLM) v4.1.1| IBM Db2 11.5.6
IBM Security Guardium Key Lifecycle Manager (GKLM) v4.2| IBM Db2 11.5.8
Principal Product and Version(s)|** Db2 Version(s)
**|Remediation/ Fixes
—|—|—
IBM Security Key Lifecycle Manager (SKLM) v3.0| IBM Db2 11.1.2.2| Checkout following technote:
<https://www.ibm.com/support/pages/node/7010571>
IBM Security Key Lifecycle Manager (SKLM) v3.0.1| IBM Db2 11.1.2.2
IBM Security Key Lifecycle Manager (SKLM) v4.0| IBM Db2 11.1.4.4
IBM Security Guardium Key Lifecycle Manager (GKLM) v4.1| IBM Db2 11.5.4
IBM Security Guardium Key Lifecycle Manager (GKLM) v4.1.1| IBM Db2 11.5.6
IBM Security Guardium Key Lifecycle Manager (GKLM) v4.2| IBM Db2 11.5.8
Principal Product and Version(s)|** Db2 Version(s)
**|Remediation/ Fixes
—|—|—
IBM Security Key Lifecycle Manager (SKLM) v3.0| IBM Db2 11.1.2.2| Checkout following technote:
<https://www.ibm.com/support/pages/node/7010747>
IBM Security Key Lifecycle Manager (SKLM) v3.0.1| IBM Db2 11.1.2.2
IBM Security Key Lifecycle Manager (SKLM) v4.0| IBM Db2 11.1.4.4
IBM Security Guardium Key Lifecycle Manager (GKLM) v4.1| IBM Db2 11.5.4
IBM Security Guardium Key Lifecycle Manager (GKLM) v4.1.1| IBM Db2 11.5.6
IBM Security Guardium Key Lifecycle Manager (GKLM) v4.2| IBM Db2 11.5.8
None
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
52.3%