CVE-2017-1434

Published: Sep 12, 2017Modified: May 13, 2026

4.7

Vector

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 1.0 / Impact: 3.6

Source: NVD

Description

IBM DB2 for Linux, UNIX and Windows 11.1 (includes DB2 Connect Server) under unusual circumstances, could expose highly sensitive information in the error log to a local user.

Affected (2)

Products: Ibm: Db2, Db2 Connect

Ibm

2 products

Db2

Db2 Connect

Configuration A

2 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Ibm Db2	Version 11.1.0.0
Ibm Db2 Connect	Version 11.1.0.0

Running on/with	Platform Versions
Linux Linux Kernel	All versions
Microsoft Windows	All versions

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (8)

http://www.ibm.com/support/docview.wss?uid=swg22005740

Source: psirt@us.ibm.com

MitigationPatchVendor Advisory

http://www.securityfocus.com/bid/100693

Source: psirt@us.ibm.com

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1039297

Source: psirt@us.ibm.com

Third Party AdvisoryVDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/127806

Source: psirt@us.ibm.com

Vendor Advisory

http://www.ibm.com/support/docview.wss?uid=swg22005740

Source: af854a3a-2127-422b-91ae-364da2661108

MitigationPatchVendor Advisory

http://www.securityfocus.com/bid/100693

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1039297

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/127806

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.