Lucene search
K
IbmDb2 Recovery Expert

10 matches found

CVE
CVE
added 2013/09/25 10:0 a.m.51 views

CVE-2013-4024

CVE-2013-4024 affects IBM Data Studio Web Console (3.x before 3.2), Optim Performance Manager (5.x before 5.2), InfoSphere Optim Configuration Manager (2.x before 2.2), and DB2 Recovery Expert (2.x). The issue arises from the Web Console serving over HTTP, allowing remote attackers to read sessio...

4.3CVSS6.6AI score0.01066EPSS
CVE
CVE
added 2013/09/25 10:0 a.m.45 views

CVE-2013-4025

CVE-2013-4025 affects IBM Data Studio Web Console (3.x before 3.2), Optim Performance Manager (5.x before 5.2), InfoSphere Optim Configuration Manager (2.x before 2.2), and DB2 Recovery Expert (2.x). The root cause is lack of an off autocomplete attribute on the login-password field, enabling an ...

1.9CVSS6.6AI score0.00479EPSS
CVE
CVE
added 2013/09/25 10:0 a.m.42 views

CVE-2013-4022

CVE-2013-4022 affects IBM Data Studio Web Console, Optim Performance Manager, IBM InfoSphere Optim Configuration Manager, and DB2 Recovery Expert. A flaw stores unspecified authentication information in cookies, enabling remote authenticated users to bypass access restrictions via unknown vectors...

3.5CVSS6.1AI score0.00922EPSS
CVE
CVE
added 2026/03/17 10:20 p.m.34 views

CVE-2026-3856

Summary : CVE-2026-3856 affects IBM Db2 Recovery Expert for Linux, UNIX and Windows 5.5 IF 2. The issue stems from an insecure mechanism used to verify data integrity during transmission, which could allow an attacker to modify or corrupt data. Affected product and version : IBM Db2 Recovery Expe...

9.1CVSS5.8AI score0.00152EPSS
CVE
CVE
added 2026/02/17 7:50 p.m.22 views

CVE-2025-27899

CVE-2025-27899 affects IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002. Connected sources confirm that sensitive information is disclosed via an environment variable, which could aid in subsequent attacks. The NVD/IBM metadata lists CVSSv3.1 metrics (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) with ...

5.3CVSS5.4AI score0.00197EPSS
CVE
CVE
added 2026/02/17 7:52 p.m.17 views

CVE-2025-27898

CVE-2025-27898 affects IBM DB2 Recovery Expert for LUW, version 5.5 Interim Fix 002. The issue is that sessions are not invalidated after a timeout, which could allow an authenticated user to impersonate another user on the system. Root cause is a lack of session invalidation after inactivity. Im...

6.3CVSS5.5AI score0.00154EPSS
CVE
CVE
added 2026/02/17 7:48 p.m.15 views

CVE-2025-27900

IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 is affected by an open redirect vulnerability that could allow a remote attacker to perform phishing by spoofing the URL and redirecting users to a malicious site. Affected component: DB2 Recovery Expert for LUW 5.5 Interim Fix 002. Underlying i...

6.8CVSS5.5AI score0.00137EPSS
CVE
CVE
added 2026/02/17 7:32 p.m.14 views

CVE-2025-27903

CVE-2025-27903 affects IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002. Affected component is the Recovery Expert for Linux/UNIX/Windows; the underlying issue is transmission of data over a cleartext channel, enabling potential MITM interception to obtain sensitive information. The accompanyi...

5.9CVSS5.5AI score0.00133EPSS
CVE
CVE
added 2026/02/17 7:35 p.m.13 views

CVE-2025-27901

CVE-2025-27901 affects IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002. The vulnerability stems from improper validation of input in the HOST header, enabling HTTP header injection. This could allow an attacker to perform cross-site scripting, cache poisoning, or session hijacking against the...

6.5CVSS5.4AI score0.00168EPSS
CVE
CVE
added 2026/02/17 7:30 p.m.12 views

CVE-2025-27904

CVE-2025-27904 : IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 is vulnerable to cross-site request forgery (CSRF), allowing an attacker to perform malicious and unauthorized actions transmitted from a trusted user. The issue affects IBM Db2 Recovery Expert for Linux, UNIX and Windows and is...

6.5CVSS5.5AI score0.00112EPSS