9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.7 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
51.8%
IBM Db2 is shipped with IBM WebSphere Remote Server. Information about security vulnerabilities affecting IBM Db2 have been published in a security bulletin (CVE-2023-39976, CVE-2023-40373, CVE-2023-40372, CVE-2023-30987, CVE-2023-38719, CVE-2023-38740, CVE-2023-30991, CVE-2023-38720, CVE-2023-33850, CVE-2023-40374, CVE-2023-38728, CVE-2023-21930, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-21968, CVE-2023-21937, CVE-2023-21938, CVE-2023-2597).
Refer to the security bulletin(s) listed in the Remediation/Fixes section
Affected Product(s) | Version(s) |
---|---|
IBM WebSphere Remote Server | 9.0, 8.5 |
IBM strongly recommends addressing the vulnerability now by upgrading
Principal Product and Version(s)
|
Affected Supporting Product and Version
|
Affected Supporting Product Security Bulletin
—|—|—
IBM WebSphere Remote Server
9.0
|
IBM Db2
11.5
|
IBM WebSphere Remote Server
8.5, 9.0
|
IBM Db2
10.5, 11.1, 11.5
|
IBM WebSphere Remote Server
9.0
|
IBM Db2
11.5
|
IBM WebSphere Remote Server
8.5, 9.0
|
IBM Db2
10.5, 11.1, 11.5
|
IBM WebSphere Remote Server
9.0
|
IBM Db2
11.5
|
IBM WebSphere Remote Server
8.5, 9.0
|
IBM Db2
10.5, 11.1, 11.5
|
Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM® Db2®. (Apr 2023 CPU)
IBM WebSphere Remote Server
9.0
|
IBM Db2
11.5
|
IBM WebSphere Remote Server
9.0
|
IBM Db2
11.1, 11.5
|
IBM® Db2® is vulnerable to denial of service with a specially crafted query (CVE-2023-30991)
IBM WebSphere Remote Server
9.0
|
IBM Db2
11.1, 11.5
|
IBM WebSphere Remote Server
8.5, 9.0
|
IBM Db2
10.5, 11.1, 11.5
|
IBM WebSphere Remote Server
9.0
|
IBM Db2
11.5
|
IBM WebSphere Remote Server
8.5, 9.0
|
IBM Db2
10.5, 11.1, 11.5
|
None
CPE | Name | Operator | Version |
---|---|---|---|
ibm websphere remote server | eq | 9.0 | |
ibm websphere remote server | eq | 8.5 |
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.7 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
51.8%