CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2010-3739

The audit facility in the Security component in IBM DB2 UDB 9.5 before FP6a uses instance-level audit settings to capture connection (aka CONNECT and AUTHENTICATION) events in certain circumstances in which database-level audit settings were intended, which might make it easier for remote attackers to connect without discovery.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 47.9%

CVSS Severity

CVSS v2 Score 6.4

References

ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
http://www-01.ibm.com/support/docview.wss?uid=swg1JR34218
ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
http://www-01.ibm.com/support/docview.wss?uid=swg1JR34218

Products affected by CVE-2010-3739

Ibm » Db2 Universal Database » Version: Any

cpe:2.3:a:ibm:db2_universal_database:*
Ibm » Db2 Universal Database » Version: 9.5

cpe:2.3:a:ibm:db2_universal_database:9.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2010-3739

Products

Pricing

Contact Us