CVE-2015-1922

Опубликовано: 20 июл. 2015

Источник: nvd

CVSS2: 3.5

EPSS Низкий

Описание

The Data Movement implementation in IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5, and 10.5 through FP5 on Linux, UNIX, and Windows allows remote authenticated users to bypass intended access restrictions and delete table rows via unspecified vectors.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:db2:9.7:*:*:*:advanced_enterprise:*:*:*

cpe:2.3:a:ibm:db2:9.7:*:*:*:advanced_workgroup:*:*:*

cpe:2.3:a:ibm:db2:9.7:*:*:*:enterprise:*:*:*

cpe:2.3:a:ibm:db2:9.7:*:*:*:express:*:*:*

cpe:2.3:a:ibm:db2:9.7:*:*:*:workgroup:*:*:*

cpe:2.3:a:ibm:db2:9.8:*:*:*:advanced_enterprise:*:*:*

cpe:2.3:a:ibm:db2:9.8:*:*:*:advanced_workgroup:*:*:*

cpe:2.3:a:ibm:db2:9.8:*:*:*:enterprise:*:*:*

cpe:2.3:a:ibm:db2:9.8:*:*:*:express:*:*:*

cpe:2.3:a:ibm:db2:9.8:*:*:*:workgroup:*:*:*

cpe:2.3:a:ibm:db2:10.1:*:*:*:advanced_enterprise:*:*:*

cpe:2.3:a:ibm:db2:10.1:*:*:*:advanced_workgroup:*:*:*

cpe:2.3:a:ibm:db2:10.1:*:*:*:enterprise:*:*:*

cpe:2.3:a:ibm:db2:10.1:*:*:*:express:*:*:*

cpe:2.3:a:ibm:db2:10.1:*:*:*:workgroup:*:*:*

cpe:2.3:a:ibm:db2:10.5:*:*:*:advanced_enterprise:*:*:*

cpe:2.3:a:ibm:db2:10.5:*:*:*:advanced_workgroup:*:*:*

cpe:2.3:a:ibm:db2:10.5:*:*:*:enterprise:*:*:*

cpe:2.3:a:ibm:db2:10.5:*:*:*:express:*:*:*

cpe:2.3:a:ibm:db2:10.5:*:*:*:workgroup:*:*:*

EPSS

Процентиль: 45%

0.00227

Низкий

3.5 Low

CVSS2

Дефекты

CWE-284

Связанные уязвимости

CVE-2015-1922

ubuntu

больше 10 лет назад

GHSA-9hgv-73cv-626v

github

больше 3 лет назад

BDU:2015-12144

fstec