IBM DB2 Information Disclosure and Credential Exposure (7250484) (Windows)

According to its self-reported version number, IBM Db2 on Windows may be affected by a vulnerability: - IBM Db2 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows includes Db2 Connect Server clpplus command exposes user credentials to the termina...

IBM DB2 Information Disclosure and Credential Exposure (7250484) (Unix)

According to its self-reported version number, IBM Db2 on Unix may be affected by a vulnerability: - IBM Db2 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows includes Db2 Connect Server clpplus command exposes user credentials to the terminal...

IBM Db2 Information Disclosure Vulnerability (CNVD-2025-29173)

IBM Db2 is a relational database management system from International Business Machines IBM. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. An information disclosure vulnerability exists in IBM Db2 that stems from the clpplus command exposing...

CVE-2025-36131

CVE-2025-36131 : IBM Db2 (and Db2 Connect Server) clpplus can expose user credentials in the terminal when there is physical access. The connected IBM bulletin for Cloud Pak for Data indicates remediation via upgrading IBM Db2 Big SQL to version 8.3 or later on Cloud Pak for Data 5.3+ (upgrade pa...

CVE-2025-36131 IBM Db2 information disclosure

IBM Db2 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows includes Db2 Connect Server clpplus command exposes user credentials to the terminal which could be obtained by a third party with physical access to the system...