CVE-2023-47152

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to an insecure cryptographic algorithm and to information disclosure in stack trace under exceptional conditions.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:ibm:db2:*:*:*:*:*:*:*:*
OR cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*
cpe:2.3:o:ibm:linux_on_ibm_z:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

21 Nov 2024, 08:29

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 7.5
v2 : unknown
v3 : 5.9
References
  • () https://exchange.xforce.ibmcloud.com/vulnerabilities/270730 -
References () https://security.netapp.com/advisory/ntap-20240307-0001/ - () https://security.netapp.com/advisory/ntap-20240307-0001/ -
References () https://www.ibm.com/support/pages/node/7105605 - Patch, Vendor Advisory () https://www.ibm.com/support/pages/node/7105605 - Patch, Vendor Advisory

27 Sep 2024, 14:15

Type Values Removed Values Added
Summary (en) IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to an insecure cryptographic algorithm and to information disclosure in stack trace under exceptional conditions. IBM X-Force ID: 270730. (en) IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to an insecure cryptographic algorithm and to information disclosure in stack trace under exceptional conditions.
CWE CWE-209
References
  • {'url': 'https://exchange.xforce.ibmcloud.com/vulnerabilities/270730', 'tags': ['VDB Entry', 'Vendor Advisory'], 'source': 'psirt@us.ibm.com'}

07 Mar 2024, 17:15

Type Values Removed Values Added
References
  • () https://security.netapp.com/advisory/ntap-20240307-0001/ -

25 Jan 2024, 02:03

Type Values Removed Values Added
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/270730 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/270730 - VDB Entry, Vendor Advisory
References () https://www.ibm.com/support/pages/node/7105605 - () https://www.ibm.com/support/pages/node/7105605 - Patch, Vendor Advisory
CWE NVD-CWE-noinfo
CPE cpe:2.3:a:ibm:db2:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*
cpe:2.3:o:ibm:linux_on_ibm_z:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
First Time Ibm
Linux
Microsoft
Microsoft windows
Ibm db2
Ibm linux On Ibm Z
Linux linux Kernel
Ibm aix
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5

22 Jan 2024, 20:28

Type Values Removed Values Added
New CVE

Information

Published : 2024-01-22 20:15

Updated : 2024-11-21 08:29


NVD link : CVE-2023-47152

Mitre link : CVE-2023-47152

CVE.ORG link : CVE-2023-47152


JSON object : View

Products Affected

ibm

  • db2
  • aix
  • linux_on_ibm_z

linux

  • linux_kernel

microsoft

  • windows
CWE
CWE-209

Generation of Error Message Containing Sensitive Information

NVD-CWE-noinfo