Lucene search

[email protected]NVD:CVE-2011-1846

HistoryMay 03, 2011 - 8:55 p.m.

CVE-2011-1846

2011-05-0320:55:12

CWE-264

[email protected]

web.nvd.nist.gov

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

6.2 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.8%

JSON

IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows does not properly revoke role membership from groups, which allows remote authenticated users to execute non-DDL statements by leveraging previous inherited possession of a role, a different vulnerability than CVE-2011-0757. NOTE: some of these details are obtained from third party information.

Affected configurations

NVD

Node

ibmdb2Range≤9.5fp6a

ibmdb2Match9.5

ibmdb2Match9.5fp1

ibmdb2Match9.5fp2

ibmdb2Match9.5fp2a

ibmdb2Match9.5fp3

ibmdb2Match9.5fp3a

ibmdb2Match9.5fp3b

ibmdb2Match9.5fp4

ibmdb2Match9.5fp4a

ibmdb2Match9.5fp5

ibmdb2Match9.5fp6

Node

ibmdb2Range≤9.7fp3

ibmdb2Match9.7

ibmdb2Match9.7fp1

ibmdb2Match9.7fp2

References

secunia.com/advisories/44229

www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC71263

www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC71375

www-01.ibm.com/support/docview.wss?uid=swg1IC71263

www-01.ibm.com/support/docview.wss?uid=swg1IC71375

www.securityfocus.com/bid/47525

www.vupen.com/english/advisories/2011/1083

exchange.xforce.ibmcloud.com/vulnerabilities/66980

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14688

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

6.2 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.8%

JSON

Related for NVD:CVE-2011-1846

cve2 prion2 cvelist2 openvas4 nvd1 nessus4 ibm2