6.5 Medium
AI Score
Confidence
Low
4.9 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:N/I:P/A:P
0.004 Low
EPSS
Percentile
71.7%
IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows does not properly enforce privilege requirements for table access, which allows remote authenticated users to modify SYSSTAT.TABLES statistics columns via an UPDATE statement. NOTE: some of these details are obtained from third party information.
secunia.com/advisories/44229
www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC71413
www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC72119
www-01.ibm.com/support/docview.wss?uid=swg1IC71413
www-01.ibm.com/support/docview.wss?uid=swg1IC72119
www.securityfocus.com/bid/47525
www.vupen.com/english/advisories/2011/1083
exchange.xforce.ibmcloud.com/vulnerabilities/66979
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14122