CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
EPSS
Percentile
57.6%
IBM DB2 9.5 through 10.5 on Linux, UNIX, and Windows stores passwords
during the processing of certain SQL statements by the monitoring and audit
facilities, which allows remote authenticated users to obtain sensitive
information via commands associated with these facilities.
www-01.ibm.com/support/docview.wss?uid=swg1IT07397
www-01.ibm.com/support/docview.wss?uid=swg1IT07547
www-01.ibm.com/support/docview.wss?uid=swg1IT07552
www-01.ibm.com/support/docview.wss?uid=swg1IT07553
www-01.ibm.com/support/docview.wss?uid=swg1IT07554
www-01.ibm.com/support/docview.wss?uid=swg21698021
launchpad.net/bugs/cve/CVE-2014-0919
nvd.nist.gov/vuln/detail/CVE-2014-0919
security-tracker.debian.org/tracker/CVE-2014-0919
www.cve.org/CVERecord?id=CVE-2014-0919