IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to a denial of service, under specific non default configurations, as the server may crash when using a specially crafted SQL statement by an authenticated user. IBM X-Force ID: 287614.
References
Link | Resource |
---|---|
https://exchange.xforce.ibmcloud.com/vulnerabilities/287614 | Vendor Advisory |
https://www.ibm.com/support/pages/node/7165338 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Sep 2024, 10:15
Type | Values Removed | Values Added |
---|---|---|
Summary | (en) IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to a denial of service, under specific non default configurations, as the server may crash when using a specially crafted SQL statement by an authenticated user. IBM X-Force ID: 287614. |
23 Aug 2024, 19:14
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:ibm:db2:*:*:*:*:*:linux:*:* cpe:2.3:a:ibm:db2:*:*:*:*:*:aix:*:* cpe:2.3:a:ibm:db2:*:*:*:*:*:windows:*:* |
|
Summary |
|
|
CWE | CWE-74 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
First Time |
Ibm db2
Ibm |
|
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/287614 - Vendor Advisory | |
References | () https://www.ibm.com/support/pages/node/7165338 - Vendor Advisory |
14 Aug 2024, 18:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-08-14 18:15
Updated : 2024-09-21 10:15
NVD link : CVE-2024-31882
Mitre link : CVE-2024-31882
CVE.ORG link : CVE-2024-31882
JSON object : View
Products Affected
ibm
- db2