Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2023-27868
HistoryJul 10, 2023 - 4:15 p.m.

Code injection

2023-07-1016:15:00
PRIOn knowledge base
www.prio-n.com
4
ibm
db2
jdbc driver
code injection
remote attacker
arbitrary code
system vulnerability

8.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.3%

JSON

IBM Db2 JDBC Driver for Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unchecked class instantiation when providing plugin classes. By sending a specially crafted request using the named pluginClassName class, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 249516.

CPENameOperatorVersion
db2eq10.5.0.11
db2eq11.1.4.7
db2eq11.5

Related

nvd 1
cve 1
cvelist 1
ibm 12
nvd
nvd
CVE-2023-27868
2023-07-10 16:15:50
cve
cve
CVE-2023-27868
2023-07-10 16:15:50
cvelist
cvelist
CVE-2023-27868 IBM Db2 code execution
2023-07-08 18:46:16
ibm
ibm
Security Bulletin: IBM® Db2® JDBC driver is vulnerable to remote code execution. (CVE-2023-27869, CVE-2023-27867, CVE-2023-27868)
2023-07-11 20:56:13
Security Bulletin: Multiple vulnerabilities in DB2 JDBC driver affect IBM Tivoli Netcool Impact
2023-12-01 10:33:52
Security Bulletin: A security vulnerability has been identified in IBM DB2 shipped with IBM Intelligent Operations Center(CVEs - Remediation/Fixes)
2023-07-25 11:02:57

8.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.3%

JSON
Related for PRION:CVE-2023-27868
nvd1cve1cvelist1ibm12