CVE-2009-4438
Published Dec 28, 2009
Last updated 14 years ago
Overview
- Description
- The Query Compiler, Rewrite, and Optimizer component in IBM DB2 9.1 before FP8, 9.5 before FP5, and 9.7 before FP1 does not enforce privilege requirements for access to a (1) sequence or (2) global-variable object, which allows remote authenticated users to make use of data via unspecified vectors.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6.5
- Impact score
- 6.4
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-264
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:db2:9.1:fp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2AF419E7-F2B5-4E2A-B85D-C0EC6C1DEA4F"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.1:fp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "95BBA3F1-C276-4C30-BFE5-9CE212BEBEFA"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.1:fp3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4DF01163-F805-4FC8-9836-462034D1B5CF"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.1:fp3a:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E570E88C-35F8-4E12-8121-20536AC8A0AB"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.1:fp4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "757E30FB-2EFB-4B3D-9931-17D584D433A2"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.1:fp4a:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B31F9D02-25FD-4ED1-9D1C-B244BC9426B6"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.1:fp5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "47455B4A-6E10-417F-9974-B0AA7F3180FE"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.1:fp6:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "84156C5B-EFC6-4733-A868-C3C51CFBA7CD"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.1:fp6a:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FA8ABABB-F84D-41F0-A894-56911AF6E7E7"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.1:fp7:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3D511307-1EBB-408B-BCDE-C6BEFCF154C5"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.5:fp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "58147402-53D5-4F15-862B-EE3DCCD75E2C"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.5:fp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D3F3CB5E-D4FB-4C03-B108-06CC358B1F45"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.5:fp2a:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CB2EA14A-878A-4D8D-B17A-568712D21C48"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.5:fp3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "84C925CD-E753-401F-9EC0-6E3D9861C818"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.5:fp3a:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "651D042C-A9F1-42D1-A6DD-95ADBCD08448"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.5:fp3b:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0A589323-B8B8-4CB4-B1A9-B9E771C99123"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.5:fp4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "61252AF9-A231-442A-A473-BA0608323BF2"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.5:fp4a:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EB37A1AA-58F0-4A39-8E38-C70692CE67BF"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CE1C4DE6-EB32-4A31-9FAA-D8DA31D8CF05"
}
],
"operator": "OR"
}
]
}
]