CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-38728

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted XML query statement. IBM X-Force ID: 262258.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 10.2%

CVSS Severity

CVSS v3 Score 5.3

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/262258
https://security.netapp.com/advisory/ntap-20231116-0006/
https://www.ibm.com/support/pages/node/7047489
https://www.ibm.com/support/pages/node/7047478
https://exchange.xforce.ibmcloud.com/vulnerabilities/262258
https://security.netapp.com/advisory/ntap-20231116-0006/
https://www.ibm.com/support/pages/node/7047489

Products affected by CVE-2023-38728

Ibm » Db2 » Version: 10.5

cpe:2.3:a:ibm:db2:10.5
Ibm » Db2 » Version: 11.1.4

cpe:2.3:a:ibm:db2:11.1.4
Ibm » Db2 » Version: 11.5

cpe:2.3:a:ibm:db2:11.5
Ibm » Db2 » Version: 11.5.5.0

cpe:2.3:a:ibm:db2:11.5.5.0
Ibm » Db2 » Version: 11.5.6

cpe:2.3:a:ibm:db2:11.5.6
Linux » Linux Kernel » Version: N/A

cpe:2.3:o:linux:linux_kernel:-
Microsoft » Windows » Version: N/A

cpe:2.3:o:microsoft:windows:-
Opengroup » Unix » Version: N/A

cpe:2.3:o:opengroup:unix:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-38728

Products

Pricing

Contact Us