Lucene search

[email protected]NVD:CVE-2023-42005

HistoryMay 29, 2024 - 1:15 p.m.

CVE-2023-42005

2024-05-2913:15:48

CWE-264

[email protected]

web.nvd.nist.gov

ibm db2

db2 warehouse

cloud pak for data

kubernetes

system calls

security

containers

x-force.

CVSS3

7.4

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.2

Confidence

High

EPSS

Percentile

9.0%

JSON

IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data 3.5, 4.0, 4.5, 4.6, 4.7, and 4.8 could allow a user with access to the Kubernetes pod, to make system calls compromising the security of containers. IBM X-Force ID: 265264.

References

exchange.xforce.ibmcloud.com/vulnerabilities/265264

www.ibm.com/support/pages/node/7155078

CVSS3

7.4

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.2

Confidence

High

EPSS

Percentile

9.0%

JSON

Related for NVD:CVE-2023-42005

cvelist1 cve1 vulnrichment1