Vulnerability Details CVE-2017-1434
IBM DB2 for Linux, UNIX and Windows 11.1 (includes DB2 Connect Server) under unusual circumstances, could expose highly sensitive information in the error log to a local user.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 21.6%
CVSS Severity
CVSS v3 Score 4.7
CVSS v2 Score 2.1
References
- http://www.ibm.com/support/docview.wss?uid=swg22005740
- http://www.securityfocus.com/bid/100693
- http://www.securitytracker.com/id/1039297
- https://exchange.xforce.ibmcloud.com/vulnerabilities/127806
- http://www.ibm.com/support/docview.wss?uid=swg22005740
- http://www.securityfocus.com/bid/100693
- http://www.securitytracker.com/id/1039297
- https://exchange.xforce.ibmcloud.com/vulnerabilities/127806
Products affected by CVE-2017-1434
-
cpe:2.3:a:ibm:db2:11.1.0.0
-
cpe:2.3:a:ibm:db2_connect:11.1.0.0
-
cpe:2.3:o:linux:linux_kernel:-
-
cpe:2.3:o:microsoft:windows:-