CVE-2013-4033
Published Aug 28, 2013
Last updated 7 years ago
Overview
- Description
- IBM DB2 and DB2 Connect 9.7 through FP8, 9.8 through FP5, 10.1 through FP2, and 10.5 through FP1 allow remote authenticated users to execute DML statements by leveraging EXPLAIN authority.
- Source
- psirt@us.ibm.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.6
- Impact score
- 6.4
- Exploitability score
- 3.9
- Vector string
- AV:N/AC:H/Au:S/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-264
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:db2:9.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CE1C4DE6-EB32-4A31-9FAA-D8DA31D8CF05"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D72D43DB-9A92-4E12-853B-F5FC9421D5EA"
},
{
"criteria": "cpe:2.3:a:ibm:db2:10.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2952EB24-A015-4EC7-85E3-88588D0AB15B"
},
{
"criteria": "cpe:2.3:a:ibm:db2:10.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6E232F83-BE4C-4B3E-A5B1-53F9D95F0368"
},
{
"criteria": "cpe:2.3:a:ibm:db2_connect:9.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4CDD816C-7070-4118-845E-6205FE130A02"
},
{
"criteria": "cpe:2.3:a:ibm:db2_connect:9.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4A8DDC8C-92D4-4078-8C82-9CB27B0DBDD2"
},
{
"criteria": "cpe:2.3:a:ibm:db2_connect:9.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A174260C-45A3-4DE3-8B2C-82416196FFF3"
},
{
"criteria": "cpe:2.3:a:ibm:db2_connect:10.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B343CCB4-CE4B-44D2-A04E-69031CD649EA"
},
{
"criteria": "cpe:2.3:a:ibm:db2_connect:10.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1EC398F4-AA9B-446B-ABE3-236A3F72FBB9"
}
],
"operator": "OR"
}
]
}
]