Lucene search
HistoryJul 10, 2023 - 4:15 p.m.
CVE-2023-30448
ibm db2
linux
unix
windows
denial of service
10.5
11.1
11.5
ibm x-force id
specially crafted query
certain tables
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
6.7
Confidence
High
EPSS
0.001
Percentile
41.3%
IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain tables. IBM X-Force ID: 253437.
Affected configurations
Node
ibmdb2Match10.5.0.11
ORibmdb2Match11.1.4.7
ORibmdb2Match11.5-
hphp-uxMatch-
ORibmaixMatch-
ORlinuxlinux_kernelMatch-
ORmicrosoftwindowsMatch-
ORoraclesolarisMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | db2 | 10.5.0.11 | cpe:2.3:a:ibm:db2:10.5.0.11:*:*:*:*:*:*:* |
| ibm | db2 | 11.1.4.7 | cpe:2.3:a:ibm:db2:11.1.4.7:*:*:*:*:*:*:* |
| ibm | db2 | 11.5 | cpe:2.3:a:ibm:db2:11.5:*:*:*:*:-:*:* |
| hp | hp-ux | - | cpe:2.3:o:hp:hp-ux:-:*:*:*:*:*:*:* |
| ibm | aix | - | cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:* |
| linux | linux_kernel | - | cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* |
| microsoft | windows | - | cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
| oracle | solaris | - | cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:*:* |
Related
prion
prion
Design/Logic Flaw
2023-07-10 16:15:00
cvelist
cvelist
CVE-2023-30448 IBM Db2 denial of service
2023-07-08 18:19:59
cnvd
cnvd
IBM DB2 Denial of Service Vulnerability (CNVD-2023-64878)
2023-07-12 00:00:00
cve
cve
CVE-2023-30448
2023-07-10 16:15:52
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
6.7
Confidence
High
EPSS
0.001
Percentile
41.3%
Related for NVD:CVE-2023-30448