Vulnerability Details CVE-2021-20373
IBM Db2 9.7, 10.1, 10.5, 11.1, and 11.5 may be vulnerable to an Information Disclosure when using the LOAD utility as under certain circumstances the LOAD utility does not enforce directory restrictions. IBM X-Force ID: 199521.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 23.0%
CVSS Severity
CVSS v3 Score 5.9
CVSS v2 Score 5.0
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/195521
- https://security.netapp.com/advisory/ntap-20220225-0005/
- https://www.ibm.com/support/pages/node/6523804
- https://exchange.xforce.ibmcloud.com/vulnerabilities/195521
- https://security.netapp.com/advisory/ntap-20220225-0005/
- https://www.ibm.com/support/pages/node/6523804
Products affected by CVE-2021-20373
-
cpe:2.3:a:ibm:db2:10.1
-
cpe:2.3:a:ibm:db2:10.5
-
cpe:2.3:a:ibm:db2:11.1
-
cpe:2.3:a:ibm:db2:11.5
-
cpe:2.3:a:ibm:db2:9.7
-
cpe:2.3:o:hp:hp-ux:-
-
cpe:2.3:o:ibm:aix:-
-
cpe:2.3:o:linux:linux_kernel:-
-
cpe:2.3:o:microsoft:windows:-
-
cpe:2.3:o:oracle:solaris:-