CVE-2012-0713

2012-08-2410:36:42

ibm

web.nvd.nist.gov

290

cve-2012-0713

ibm db2

vulnerability

xml

remote authentication

nvd

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:N/A:N

AI Score

Confidence

Low

EPSS

0.001

Percentile

43.7%

JSON

Unspecified vulnerability in the XML feature in IBM DB2 9.7 before FP6 on Linux, UNIX, and Windows allows remote authenticated users to read arbitrary XML files via unknown vectors.

Affected configurations

Nvd

Node

ibmdb2Match9.7

ibmdb2Match9.7.0.1

ibmdb2Match9.7.0.2

ibmdb2Match9.7.0.3

ibmdb2Match9.7.0.4

ibmdb2Match9.7.0.5

AND

linuxlinux_kernel

microsoftwindows

VendorProductVersionCPE
ibmdb29.7cpe:2.3:a:ibm:db2:9.7:*:*:*:*:*:*:*
ibmdb29.7.0.1cpe:2.3:a:ibm:db2:9.7.0.1:*:*:*:*:*:*:*
ibmdb29.7.0.2cpe:2.3:a:ibm:db2:9.7.0.2:*:*:*:*:*:*:*
ibmdb29.7.0.3cpe:2.3:a:ibm:db2:9.7.0.3:*:*:*:*:*:*:*
ibmdb29.7.0.4cpe:2.3:a:ibm:db2:9.7.0.4:*:*:*:*:*:*:*
ibmdb29.7.0.5cpe:2.3:a:ibm:db2:9.7.0.5:*:*:*:*:*:*:*
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
microsoftwindows*cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	db2	9.7	cpe:2.3:a:ibm:db2:9.7:::::::*
ibm	db2	9.7.0.1	cpe:2.3:a:ibm:db2:9.7.0.1:::::::*
ibm	db2	9.7.0.2	cpe:2.3:a:ibm:db2:9.7.0.2:::::::*
ibm	db2	9.7.0.3	cpe:2.3:a:ibm:db2:9.7.0.3:::::::*
ibm	db2	9.7.0.4	cpe:2.3:a:ibm:db2:9.7.0.4:::::::*
ibm	db2	9.7.0.5	cpe:2.3:a:ibm:db2:9.7.0.5:::::::*
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::
microsoft	windows	*	cpe:2.3:o:microsoft:windows::::::::