IBM DB2 Cross-Site Request Forgery Vulnerability (CNVD-2023-00813)

2022-12-1500:00:00

China National Vulnerability Database

www.cnvd.org.cn

ibm db2

cross-site request forgery

vulnerability

attack

authorization

unix

linux

ibmi

z/os

windows server

0.001 Low

EPSS

Percentile

29.6%

JSON

IBM DB2 is a relational database management system from International Business Machines (IBM), Inc. The system is implemented in UNIX, Linux, IBMi, z/OS, and Windows server versions.IBM DB2 is vulnerable to cross-site request forgery, which can be exploited by an attacker to perform malicious and unauthorized operations transmitted from a user trusted by the site.

CPENameOperatorVersion
ibm db2 warehouse on cloud pak for dataeq3.5
ibm db2 warehouse on cloud pak for dataeq4.0
ibm db2 on cloud pak for dataeq3.5
ibm db2 on cloud pak for dataeq4.0
ibm db2 on cloud pak for dataeq4.5
ibm db2 warehouse on cloud pak for dataeq4.5

Name	Operator	Version
ibm db2 warehouse on cloud pak for data	eq	3.5
ibm db2 warehouse on cloud pak for data	eq	4.0
ibm db2 on cloud pak for data	eq	3.5
ibm db2 on cloud pak for data	eq	4.0
ibm db2 on cloud pak for data	eq	4.5
ibm db2 warehouse on cloud pak for data	eq	4.5

0.001 Low

EPSS

Percentile

29.6%

JSON

Related for CNVD-2023-00813