3.5 Low
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
52.6%
The Data Movement implementation in IBM DB2 9.7 through FP10, 9.8 through
FP5, 10.1 before FP5, and 10.5 through FP5 on Linux, UNIX, and Windows
allows remote authenticated users to bypass intended access restrictions
and delete table rows via unspecified vectors.
Author | Note |
---|---|
sbeattie | DB2 is in the partner archive for the 12.04 LTS release |
www-01.ibm.com/support/docview.wss?uid=swg1IT08523
www-01.ibm.com/support/docview.wss?uid=swg1IT08524
www-01.ibm.com/support/docview.wss?uid=swg1IT08525
www-01.ibm.com/support/docview.wss?uid=swg1IT08526
www-01.ibm.com/support/docview.wss?uid=swg21959650
launchpad.net/bugs/cve/CVE-2015-1922
nvd.nist.gov/vuln/detail/CVE-2015-1922
security-tracker.debian.org/tracker/CVE-2015-1922
www.cve.org/CVERecord?id=CVE-2015-1922