2 matches found
Security Bulletin: IBM® Db2® is vulnerable to information disclosure and credential exposure to privileged users under specific conditions (CVE-2025-36131)
Summary IBM® Db2® clpplus command exposes user credentials to the terminal which could be obtained by a third party with physical access to the system. Vulnerability Details CVEID:CVE-2025-36131 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server clpplus command exposes...
PT-2023-7701 · Ibm · Ibm Db2
Name of the Vulnerable Software and Affected Versions: IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server versions 11.1 through 11.5 Description: The issue exists due to insufficient input validation in the system, allowing a remote attacker to cause a denial of service through a...