Mageni Mageni Security LLC

Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

IBM DB2 SYSIBMADM Multiple Vulnerabilities (Sep10)

Information

Severity

Severity

Medium

Family

Family

Databases

CVSSv2 Base

CVSSv2 Base

5.0

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Solution Type

Solution Type

Vendor Patch

Created

Created

12 years ago

Modified

Modified

3 years ago

Share

Summary

The host is running IBM DB2 and is prone to multiple vulnerabilities.

Insight

Insight

Multiple flaws are due to, - An erron in the handling of 'SYSIBMADM' schema. It does not perform the expected access control on the monitor administrative, which allows attackers to obtain sensitive information via unspecified vectors. - An erron in the handling of 'AUTO_REVAL' when AUTO_REVAL is IMMEDIATE, which allows remote authenticated users to cause a denial of service.

Affected Software

Affected Software

IBM DB2 versions prior to 9.7 Fix Pack 2

Solution

Solution

Update DB2 version 9.7 Fix Pack 2

Common Vulnerabilities and Exposures (CVE)

References