Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveIbmCVE-2016-0215
HistoryJan 16, 2018 - 7:29 p.m.

CVE-2016-0215

2018-01-1619:29:00
CWE-20
ibm
web.nvd.nist.gov
27
ibm db2
vulnerability
denial of service
cve-2016-0215
security
nvd

CVSS2

4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

5.9

Confidence

High

EPSS

0.001

Percentile

47.7%

JSON

IBM DB2 9.7, 10.1 before FP6, and 10.5 before FP8 on AIX, Linux, HP, Solaris and Windows allow remote authenticated users to cause a denial of service (daemon crash) via a SELECT statement with a subquery containing the AVG OLAP function on an Oracle compatible database.

Affected configurations

Nvd
Node
ibmdb2Match9.7advanced_enterprise_server
OR
ibmdb2Match9.7advanced_workgroup_server
OR
ibmdb2Match9.7connect_application_server
OR
ibmdb2Match9.7connect_enterprise
OR
ibmdb2Match9.7connect_unlimitedsystem_i
OR
ibmdb2Match9.7connect_unlimitedsystem_z
OR
ibmdb2Match9.7enterprise_server
OR
ibmdb2Match9.7express
OR
ibmdb2Match9.7workgroup_server
OR
ibmdb2Match10.1advanced_enterprise_server
OR
ibmdb2Match10.1advanced_workgroup_server
OR
ibmdb2Match10.1connect_application_server
OR
ibmdb2Match10.1connect_enterprise
OR
ibmdb2Match10.1connect_unlimitedsystem_i
OR
ibmdb2Match10.1connect_unlimitedsystem_z
OR
ibmdb2Match10.1enterprise_server
OR
ibmdb2Match10.1express
OR
ibmdb2Match10.1workgroup_server
OR
ibmdb2Match10.5advanced_enterprise_server
OR
ibmdb2Match10.5advanced_workgroup_server
OR
ibmdb2Match10.5connect_application_server
OR
ibmdb2Match10.5connect_enterprise
OR
ibmdb2Match10.5connect_unlimitedsystem_i
OR
ibmdb2Match10.5connect_unlimitedsystem_z
OR
ibmdb2Match10.5enterprise_server
OR
ibmdb2Match10.5express
OR
ibmdb2Match10.5workgroup_server
AND
hphp-uxMatch-
OR
ibmaixMatch-
OR
linuxlinux_kernelMatch-
OR
microsoftwindowsMatch-
OR
oraclesolarisMatch-
Node
ibmdb2Match9.8enterprise_server
AND
ibmaixMatch-
OR
linuxlinux_kernelMatch-
VendorProductVersionCPE
ibmdb29.7cpe:2.3:a:ibm:db2:9.7:*:*:*:advanced_enterprise_server:*:*:*
ibmdb29.7cpe:2.3:a:ibm:db2:9.7:*:*:*:advanced_workgroup_server:*:*:*
ibmdb29.7cpe:2.3:a:ibm:db2:9.7:*:*:*:connect_application_server:*:*:*
ibmdb29.7cpe:2.3:a:ibm:db2:9.7:*:*:*:connect_enterprise:*:*:*
ibmdb29.7cpe:2.3:a:ibm:db2:9.7:*:*:*:connect_unlimited:system_i:*:*
ibmdb29.7cpe:2.3:a:ibm:db2:9.7:*:*:*:connect_unlimited:system_z:*:*
ibmdb29.7cpe:2.3:a:ibm:db2:9.7:*:*:*:enterprise_server:*:*:*
ibmdb29.7cpe:2.3:a:ibm:db2:9.7:*:*:*:express:*:*:*
ibmdb29.7cpe:2.3:a:ibm:db2:9.7:*:*:*:workgroup_server:*:*:*
ibmdb210.1cpe:2.3:a:ibm:db2:10.1:*:*:*:advanced_enterprise_server:*:*:*
Rows per page:
1-10 of 331

Related

osv 1
ibm 3
prion 1
cvelist 1
nvd 1
nessus 3
openvas 1
osv
osv
CVE-2016-0215
2018-01-16 19:29:00
ibm
ibm
Security Bulletin: A security vulnerability has been identified in IBM DB2 shipped with IBM Predictive Maintenance and Quality (CVE-2016-0215)
2018-06-15 22:43:28
Security Bulletin: Security vulnerabilities have been identified in IBM DB2 shipped with WebSphere Remote Server (CVE-2016-0215)
2018-06-15 07:05:30
Security Bulletin: IBM® DB2® LUW contains a denial of service vulnerability using a SELECT statement with subquery containing the AVG OLAP function on Oracle compatible database (CVE-2016-0215)
2018-06-16 13:39:37
prion
prion
Code injection
2018-01-16 19:29:00
cvelist
cvelist
CVE-2016-0215
2018-01-16 19:00:00
nvd
nvd
CVE-2016-0215
2018-01-16 19:29:00
nessus
nessus
IBM DB2 9.7 < FP11 Special Build 35317 / 10.1 < FP5 Special Build 35316 / 10.5 < FP7 Special Build 35315 Multiple Vulnerabilities (UNIX)
2016-05-26 00:00:00
IBM DB2 Connect 9.7 < FP11 Special Build 35317 / 10.1 < FP5 Special Build 35316 / 10.5 < FP7 Special Build 35315 Multiple Vulnerabilities (Windows)
2016-05-26 00:00:00
IBM DB2 9.7 < FP11 Special Build 35317 / 10.1 < FP5 Special Build 35316 / 10.5 < FP7 Special Build 35315 Multiple Vulnerabilities (Windows)
2016-05-26 00:00:00
openvas
openvas
IBM Db2 LUW Multiple Denial of Service Vulnerabilities (May 2016)
2016-05-02 00:00:00

CVSS2

4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

5.9

Confidence

High

EPSS

0.001

Percentile

47.7%

JSON
Related for CVE-2016-0215
osv1ibm3prion1cvelist1nvd1nessus3openvas1