CVE-2023-29257
Published Apr 26, 2023
Last updated 2 years ago
Overview
- Description
- IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to remote code execution as a database administrator of one database may execute code or read/write files from another database within the same instance. IBM X-Force ID: 252011.
- Source
- psirt@us.ibm.com
- NVD status
- Modified
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.2
- Impact score
- 5.9
- Exploitability score
- 1.2
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:db2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "421BBE95-3D5B-421A-9DC1-8B08D019B2A3",
"versionEndExcluding": "11.1.4",
"versionStartIncluding": "11.1"
},
{
"criteria": "cpe:2.3:a:ibm:db2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "65161064-A4A3-48E5-AC0A-388429FF2F53",
"versionEndExcluding": "11.5.8",
"versionStartIncluding": "11.5"
},
{
"criteria": "cpe:2.3:a:ibm:db2:10.5:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "190AE881-F7BF-486E-BDAE-197337D70CDB"
},
{
"criteria": "cpe:2.3:a:ibm:db2:10.5:fp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8D1BAA43-4C77-4AC7-8561-93EDE0AED000"
},
{
"criteria": "cpe:2.3:a:ibm:db2:10.5:fp10:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F6FDF4D8-1822-43E6-AE65-3E4F8743D3A3"
},
{
"criteria": "cpe:2.3:a:ibm:db2:10.5:fp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "87C39880-D0E9-4487-9A80-B4D1A999032F"
},
{
"criteria": "cpe:2.3:a:ibm:db2:10.5:fp3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8842A8B6-E470-4536-AB5D-DA1C62A05F58"
},
{
"criteria": "cpe:2.3:a:ibm:db2:10.5:fp3a:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "92BF0482-E4FE-454E-84DD-27074097F3F3"
},
{
"criteria": "cpe:2.3:a:ibm:db2:10.5:fp4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3705A79B-7903-4055-9CDC-55D60D2AC2E4"
},
{
"criteria": "cpe:2.3:a:ibm:db2:10.5:fp5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CBDFCE61-EE04-4901-844D-61B8966C1B81"
},
{
"criteria": "cpe:2.3:a:ibm:db2:10.5:fp6:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "53A23363-413D-4785-B8C1-9AC2F96000EB"
},
{
"criteria": "cpe:2.3:a:ibm:db2:10.5:fp7:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6E22D884-A33F-41D7-84CB-B6360A39863F"
},
{
"criteria": "cpe:2.3:a:ibm:db2:10.5:fp8:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4DA56D35-93E9-4659-B180-2FD636A39BAB"
},
{
"criteria": "cpe:2.3:a:ibm:db2:10.5:fp9:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6E7F0B02-EA0B-4BD1-AA0C-2A4735221963"
},
{
"criteria": "cpe:2.3:a:ibm:db2:11.1.4:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7F91EC14-CD9A-42EB-9D81-6025A1D74749"
},
{
"criteria": "cpe:2.3:a:ibm:db2:11.1.4:fp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5D098641-0833-4718-BB6A-273E1CA0F887"
},
{
"criteria": "cpe:2.3:a:ibm:db2:11.1.4:fp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8B451F96-2A58-4758-86E6-F8A030805C51"
},
{
"criteria": "cpe:2.3:a:ibm:db2:11.1.4:fp3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "69CBC98E-BECE-41A4-A0D9-9F3AC1602ABE"
},
{
"criteria": "cpe:2.3:a:ibm:db2:11.1.4:fp4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "20386F14-BC32-4174-9F3A-F7406486976A"
},
{
"criteria": "cpe:2.3:a:ibm:db2:11.1.4:fp5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DD0DD54B-AB2E-4C56-B348-FF87C174270A"
},
{
"criteria": "cpe:2.3:a:ibm:db2:11.1.4:fp6:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CC14EF40-FE00-47F9-8A78-98713F903D9C"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]