Shodan
Vulnerabilities
Vulnerable Software
Ibm:  >> Db2  >> 10.5.0.4  Security Vulnerabilities
CVE-2017-1438
IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access. IBM X-Force ID: 128057.
CVSS Score
6.7
EPSS Score
0.001
Published
2017-09-12
CVE-2017-1439
IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access. IBM X-Force ID: 128058.
CVSS Score
6.7
EPSS Score
0.001
Published
2017-09-12
CVE-2017-1451
IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileges to obtain root access. IBM X-Force ID: 128178.
CVSS Score
7.8
EPSS Score
0.001
Published
2017-09-12
CVE-2017-1452
IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user to obtain elevated privilege and overwrite DB2 files. IBM X-Force ID: 128180.
CVSS Score
7.8
EPSS Score
0.001
Published
2017-09-12
CVE-2017-1519
IBM DB2 10.5 and 11.1 contains a denial of service vulnerability. A remote user can cause disruption of service for DB2 Connect Server setup with a particular configuration. IBM X-Force ID: 129829.
CVSS Score
5.9
EPSS Score
0.015
Published
2017-09-12
CVE-2017-1520
IBM DB2 9.7, 10,1, 10.5, and 11.1 is vulnerable to an unauthorized command that allows the database to be activated when authentication type is CLIENT. IBM X-Force ID: 129830.
CVSS Score
3.7
EPSS Score
0.002
Published
2017-09-12
CVE-2016-5995
Untrusted search path vulnerability in IBM DB2 9.7 through FP11, 10.1 through FP5, 10.5 before FP8, and 11.1 GA on Linux, AIX, and HP-UX allows local users to gain privileges via a Trojan horse library that is accessed by a setuid or setgid program.
CVSS Score
7.3
EPSS Score
0.001
Published
2016-10-01
CVE-2016-0211
IBM DB2 9.7 through FP11, 9.8, 10.1 through FP5, and 10.5 through FP7 on Linux, UNIX, and Windows allows remote authenticated users to cause a denial of service (daemon crash) via a crafted DRDA message.
CVSS Score
4.3
EPSS Score
0.015
Published
2016-04-28
CVE-2012-3324
Directory traversal vulnerability in the UTL_FILE module in IBM DB2 and DB2 Connect 10.1 before FP1 on Windows allows remote authenticated users to modify, delete, or read arbitrary files via a pathname in the file field.
CVSS Score
9.0
EPSS Score
0.009
Published
2012-09-25


Products
Pricing
Contact Us

Shodan ® - All rights reserved