CVE-2023-47152

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to an insecure cryptographic algorithm and to information disclosure in stack trace under exceptional conditions.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:ibm:db2:*:*:*:*:*:*:*:*
OR cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*
cpe:2.3:o:ibm:linux_on_ibm_z:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

27 Sep 2024, 14:15

Type Values Removed Values Added
Summary (en) IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to an insecure cryptographic algorithm and to information disclosure in stack trace under exceptional conditions. IBM X-Force ID: 270730. (en) IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to an insecure cryptographic algorithm and to information disclosure in stack trace under exceptional conditions.
CWE CWE-209
References
  • {'url': 'https://exchange.xforce.ibmcloud.com/vulnerabilities/270730', 'tags': ['VDB Entry', 'Vendor Advisory'], 'source': 'psirt@us.ibm.com'}

07 Mar 2024, 17:15

Type Values Removed Values Added
References
  • () https://security.netapp.com/advisory/ntap-20240307-0001/ -

25 Jan 2024, 02:03

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5
CWE NVD-CWE-noinfo
First Time Ibm
Linux
Microsoft
Microsoft windows
Ibm db2
Ibm linux On Ibm Z
Linux linux Kernel
Ibm aix
CPE cpe:2.3:a:ibm:db2:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*
cpe:2.3:o:ibm:linux_on_ibm_z:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/270730 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/270730 - VDB Entry, Vendor Advisory
References () https://www.ibm.com/support/pages/node/7105605 - () https://www.ibm.com/support/pages/node/7105605 - Patch, Vendor Advisory

22 Jan 2024, 20:28

Type Values Removed Values Added
New CVE

Information

Published : 2024-01-22 20:15

Updated : 2024-09-27 14:15


NVD link : CVE-2023-47152

Mitre link : CVE-2023-47152

CVE.ORG link : CVE-2023-47152


JSON object : View

Products Affected

linux

  • linux_kernel

ibm

  • db2
  • linux_on_ibm_z
  • aix

microsoft

  • windows
CWE
CWE-209

Generation of Error Message Containing Sensitive Information

NVD-CWE-noinfo