Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2023-27869

IBM Db2 JDBC Driver for Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unchecked logger injection. By sending a specially crafted request using the named traceFile property, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 249517.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 49.1%
CVSS Severity
CVSS v3 Score 6.3
Products affected by CVE-2023-27869
  • Ibm » Db2 » Version: 10.5.0.11
    cpe:2.3:a:ibm:db2:10.5.0.11
  • Ibm » Db2 » Version: 11.1.4.7
    cpe:2.3:a:ibm:db2:11.1.4.7
  • Ibm » Db2 » Version: 11.5
    cpe:2.3:a:ibm:db2:11.5
  • Hp » Hp-Ux » Version: N/A
    cpe:2.3:o:hp:hp-ux:-
  • Ibm » Aix » Version: N/A
    cpe:2.3:o:ibm:aix:-
  • Linux » Linux Kernel » Version: N/A
    cpe:2.3:o:linux:linux_kernel:-
  • Microsoft » Windows » Version: N/A
    cpe:2.3:o:microsoft:windows:-
  • Oracle » Solaris » Version: N/A
    cpe:2.3:o:oracle:solaris:-


Products
Pricing
Contact Us

Shodan ® - All rights reserved