← Back

CVE-2013-4033

nvd nist
Published: Aug 28, 2013Modified: Apr 29, 2026

JSON object

Loading...
4.6
Vector
AV:N/AC:H/Au:S/C:P/I:P/A:P
Exploitability: 3.9 / Impact: 6.4
Source: NVD

Description

IBM DB2 and DB2 Connect 9.7 through FP8, 9.8 through FP5, 10.1 through FP2, and 10.5 through FP1 allow remote authenticated users to execute DML statements by leveraging EXPLAIN authority.

Affected (9)

Products: Ibm: Db2, Db2 Connect
Ibm
2 products
Db2
Db2 Connect
Configuration A
9 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Db2
Version 10.1
Db2
Version 10.5
Db2
Version 9.7
Db2
Version 9.8
Ibm
Db2 Connect
Version 10.1
Db2 Connect
Version 10.5
Db2 Connect
Version 9.5
Db2 Connect
Version 9.7
Db2 Connect
Version 9.8

Related CWEs

CWE-264
CWE-264

References (12)

Source: psirt@us.ibm.com
Source: psirt@us.ibm.com
Source: psirt@us.ibm.com
Source: psirt@us.ibm.com
Source: psirt@us.ibm.com
Vendor Advisory
Source: psirt@us.ibm.com
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.