CVE-2009-3473
Published Sep 29, 2009
Last updated 11 years ago
Overview
- Description
- IBM DB2 9.1 before FP8 does not require the SETSESSIONUSER privilege for the SET SESSION AUTHORIZATION statement, which has unspecified impact and remote attack vectors.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 10
- Impact score
- 10
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:db2:9.1:fp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2AF419E7-F2B5-4E2A-B85D-C0EC6C1DEA4F"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.1:fp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "95BBA3F1-C276-4C30-BFE5-9CE212BEBEFA"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.1:fp3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4DF01163-F805-4FC8-9836-462034D1B5CF"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.1:fp4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "757E30FB-2EFB-4B3D-9931-17D584D433A2"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.1:fp5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "47455B4A-6E10-417F-9974-B0AA7F3180FE"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.1:fp6:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "84156C5B-EFC6-4733-A868-C3C51CFBA7CD"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.1:fp7:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3D511307-1EBB-408B-BCDE-C6BEFCF154C5"
}
],
"operator": "OR"
}
]
}
]