Описание
The SORT/LIST SERVICES component in IBM DB2 9.1 before FP6 and 9.5 before FP2 writes sensitive information to the trace output, which allows attackers to obtain sensitive information by reading "PASSWORD-RELATED CONNECTION STRING KEYWORD VALUES."
Ссылки
Уязвимые конфигурации
Конфигурация 1Версия до 9.1 (включая)Версия до 9.5 (включая)
Одно из
cpe:2.3:a:ibm:db2:*:fp5:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:*:fp1:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.1:fp1:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.1:fp2:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.1:fp3:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.1:fp3a:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.1:fp4:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.1:fp4a:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.5:*:*:*:*:*:*:*
EPSS
Процентиль: 64%
0.00477
Низкий
5 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
github
больше 3 лет назад
The SORT/LIST SERVICES component in IBM DB2 9.1 before FP6 and 9.5 before FP2 writes sensitive information to the trace output, which allows attackers to obtain sensitive information by reading "PASSWORD-RELATED CONNECTION STRING KEYWORD VALUES."
EPSS
Процентиль: 64%
0.00477
Низкий
5 Medium
CVSS2
Дефекты
CWE-200