Описание
IBM Db2U 3.5, 4.0, and 4.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 237210.
Ссылки
- VDB EntryVendor Advisory
- Vendor Advisory
- VDB EntryVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ibm:db2:3.5:-:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:3.5:refresh_10:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:4.0:-:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:4.0:refresh_9:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:4.5:-:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:4.5:refresh_3:*:*:*:*:*:*
cpe:2.3:a:ibm:db2_warehouse:3.5:-:*:*:*:*:*:*
cpe:2.3:a:ibm:db2_warehouse:3.5:refresh_10:*:*:*:*:*:*
cpe:2.3:a:ibm:db2_warehouse:4.0:-:*:*:*:*:*:*
cpe:2.3:a:ibm:db2_warehouse:4.0:refresh_9:*:*:*:*:*:*
cpe:2.3:a:ibm:db2_warehouse:4.5:-:*:*:*:*:*:*
cpe:2.3:a:ibm:db2_warehouse:4.5:refresh_3:*:*:*:*:*:*
EPSS
Процентиль: 38%
0.00165
Низкий
6.5 Medium
CVSS3
8.8 High
CVSS3
Дефекты
CWE-352
CWE-352
Связанные уязвимости
CVSS3: 8.8
github
около 3 лет назад
IBM Db2U 3.5, 4.0, and 4.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 237210.
EPSS
Процентиль: 38%
0.00165
Низкий
6.5 Medium
CVSS3
8.8 High
CVSS3
Дефекты
CWE-352
CWE-352