Lucene search

IbmCVELIST:CVE-2021-29763

HistorySep 16, 2021 - 3:50 p.m.

CVE-2021-29763

2021-09-1615:50:18

ibm

www.cve.org

ibm

db2

vulnerability

denial of service

CVSS3

5.1

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

AI Score

5.3

Confidence

High

EPSS

0.001

Percentile

23.5%

JSON

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 under very specific conditions, could allow a local user to keep running a procedure that could cause the system to run out of memory.and cause a denial of service. IBM X-Force ID: 202267.

CNA Affected

[
  {
    "product": "DB2 for Linux, UNIX and Windows",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "11.1"
      },
      {
        "status": "affected",
        "version": "11.5"
      }
    ]
  }
]

References

exchange.xforce.ibmcloud.com/vulnerabilities/202267

security.netapp.com/advisory/ntap-20211029-0005/

www.ibm.com/support/pages/node/6489493

CVSS3

5.1

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

AI Score

5.3

Confidence

High

EPSS

0.001

Percentile

23.5%

JSON

Related for CVELIST:CVE-2021-29763