CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
AI Score
Confidence
High
EPSS
Percentile
57.6%
IBM DB2 9.5 through 10.5 on Linux, UNIX, and Windows stores passwords during the processing of certain SQL statements by the monitoring and audit facilities, which allows remote authenticated users to obtain sensitive information via commands associated with these facilities.
Vendor | Product | Version | CPE |
---|---|---|---|
ibm | db2 | 9.5 | cpe:2.3:a:ibm:db2:9.5:*:*:*:advanced_enterprise:*:*:* |
ibm | db2 | 9.5 | cpe:2.3:a:ibm:db2:9.5:*:*:*:advanced_workgroup:*:*:* |
ibm | db2 | 9.5 | cpe:2.3:a:ibm:db2:9.5:*:*:*:enterprise:*:*:* |
ibm | db2 | 9.5 | cpe:2.3:a:ibm:db2:9.5:*:*:*:express:*:*:* |
ibm | db2 | 9.5 | cpe:2.3:a:ibm:db2:9.5:*:*:*:workgroup:*:*:* |
ibm | db2 | 9.7 | cpe:2.3:a:ibm:db2:9.7:*:*:*:advanced_enterprise:*:*:* |
ibm | db2 | 9.7 | cpe:2.3:a:ibm:db2:9.7:*:*:*:advanced_workgroup:*:*:* |
ibm | db2 | 9.7 | cpe:2.3:a:ibm:db2:9.7:*:*:*:enterprise:*:*:* |
ibm | db2 | 9.7 | cpe:2.3:a:ibm:db2:9.7:*:*:*:express:*:*:* |
ibm | db2 | 9.7 | cpe:2.3:a:ibm:db2:9.7:*:*:*:workgroup:*:*:* |
www-01.ibm.com/support/docview.wss?uid=swg1IT07397
www-01.ibm.com/support/docview.wss?uid=swg1IT07547
www-01.ibm.com/support/docview.wss?uid=swg1IT07552
www-01.ibm.com/support/docview.wss?uid=swg1IT07553
www-01.ibm.com/support/docview.wss?uid=swg1IT07554
www-01.ibm.com/support/docview.wss?uid=swg21698021
www.securityfocus.com/bid/74217
www.securitytracker.com/id/1032247