CVE-2017-1150

Опубликовано: 08 мар. 2017

Источник: nvd

CVSS3: 3.1

CVSS2: 3.5

EPSS Низкий

Описание

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.1, 10.5, and 11.1 could allow an authenticated attacker with specialized access to tables that they should not be permitted to view. IBM Reference #: 1999515.

Ссылки

http://www.ibm.com/support/docview.wss?uid=swg21999515
Patch
Vendor Advisory
http://www.securityfocus.com/bid/96597
http://www.securitytracker.com/id/1037946
http://www.ibm.com/support/docview.wss?uid=swg21999515
Patch
Vendor Advisory
http://www.securityfocus.com/bid/96597
http://www.securitytracker.com/id/1037946

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:db2:10.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:db2:10.1:*:*:*:advanced_enterprise:*:*:*

cpe:2.3:a:ibm:db2:10.1:*:*:*:advanced_workgroup:*:*:*

cpe:2.3:a:ibm:db2:10.1:*:*:*:enterprise:*:*:*

cpe:2.3:a:ibm:db2:10.1:*:*:*:express:*:*:*

cpe:2.3:a:ibm:db2:10.1:*:*:*:workgroup:*:*:*

cpe:2.3:a:ibm:db2:10.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:db2:10.5:*:*:*:advanced_enterprise:*:*:*

cpe:2.3:a:ibm:db2:10.5:*:*:*:advanced_workgroup:*:*:*

cpe:2.3:a:ibm:db2:10.5:*:*:*:enterprise:*:*:*

cpe:2.3:a:ibm:db2:10.5:*:*:*:express:*:*:*

cpe:2.3:a:ibm:db2:10.5:*:*:*:workgroup:*:*:*

cpe:2.3:a:ibm:db2:11.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:db2:11.1:*:*:*:advanced_enterprise:*:*:*

cpe:2.3:a:ibm:db2:11.1:*:*:*:advanced_workgroup:*:*:*

cpe:2.3:a:ibm:db2:11.1:*:*:*:enterprise:*:*:*

cpe:2.3:a:ibm:db2:11.1:*:*:*:express:*:*:*

cpe:2.3:a:ibm:db2:11.1:*:*:*:workgroup:*:*:*

EPSS

Процентиль: 37%

0.00159

Низкий

3.1 Low

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-269

Связанные уязвимости

GHSA-3q6v-gv39-h4r6