Vulnerability Details CVE-2010-3734
The Install component in IBM DB2 UDB 9.5 before FP6a on Linux, UNIX, and Windows enforces an unintended limit on password length, which makes it easier for attackers to obtain access via a brute-force attack.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.014
EPSS Ranking 69.5%
CVSS Severity
CVSS v2 Score 5.0
References
- ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC62856
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14764
- ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC62856
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14764