Lucene search
HistorySep 29, 2009 - 9:30 p.m.
CVE-2009-3473
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
6.5 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
69.5%
IBM DB2 9.1 before FP8 does not require the SETSESSIONUSER privilege for the SET SESSION AUTHORIZATION statement, which has unspecified impact and remote attack vectors.
Affected configurations
Node
ibmdb2Match9.1fp1
ORibmdb2Match9.1fp2
ORibmdb2Match9.1fp3
ORibmdb2Match9.1fp4
ORibmdb2Match9.1fp5
ORibmdb2Match9.1fp6
ORibmdb2Match9.1fp7
Related
prion
prion
Authorization
2009-09-29 21:30:00
openvas
openvas
IBM Db2 Unspecified Vulnerability - Windows
2009-10-06 00:00:00
IBM DB2 Unspecified Vulnerability (Linux)
2009-10-06 00:00:00
IBM DB2 Unspecified Vulnerability (Windows)
2009-10-06 00:00:00
cve
cve
CVE-2009-3473
2009-09-29 21:30:00
cvelist
cvelist
CVE-2009-3473
2009-09-29 21:00:00
nessus
nessus
IBM DB2 9.1 < Fix Pack 8 Multiple Vulnerabilities
2009-10-06 00:00:00
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
6.5 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
69.5%
Related for NVD:CVE-2009-3473