← Back

CVE-2023-38728

nvd nist
Published: Oct 16, 2023Modified: Nov 21, 2024

JSON object

Loading...
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted XML query statement. IBM X-Force ID: 262258.

Affected (20)

Products: Ibm: Db2
Ibm
1 product
Db2
Configuration A
20 vulnerable · 3 platform
Vulnerable SoftwareAffected Versions
Ibm
Db2
From 11.5 to 11.5.8
Db2
Version 10.5
Db2
Version 10.5 fp10
Db2
Version 10.5 fp1
Db2
Version 10.5 fp2
Db2
Version 10.5 fp3
Db2
Version 10.5 fp3a
Db2
Version 10.5 fp4
Db2
Version 10.5 fp5
Db2
Version 10.5 fp6
Db2
Version 10.5 fp7
Db2
Version 10.5 fp8
Db2
Version 10.5 fp9
Db2
Version 11.1.4
Db2
Version 11.1.4 fp1
Db2
Version 11.1.4 fp2
Db2
Version 11.1.4 fp3
Db2
Version 11.1.4 fp4
Db2
Version 11.1.4 fp5
Db2
Version 11.1.4 fp6
Running on/withPlatform Versions
Linux
Linux Kernel
All versions
Microsoft
Windows
All versions
Opengroup
Unix
All versions

Related CWEs

CWE-20
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (7)

Source: psirt@us.ibm.com
VDB EntryVendor Advisory
Source: psirt@us.ibm.com
Third Party Advisory
Source: psirt@us.ibm.com
Not Applicable
Source: nvd@nist.gov
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
VDB EntryVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Not Applicable

Timeline

No history available yet.