IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may terminate abnormally when executing specially crafted SQL statements by an authenticated user. IBM X-Force ID: 2219740.
References
Link | Resource |
---|---|
https://exchange.xforce.ibmcloud.com/vulnerabilities/221970 | VDB Entry Vendor Advisory |
https://security.netapp.com/advisory/ntap-20220729-0007/ | Third Party Advisory |
https://www.ibm.com/support/pages/node/6598047 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
28 Oct 2022, 22:43
Type | Values Removed | Values Added |
---|---|---|
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20220729-0007/ - Third Party Advisory |
29 Jul 2022, 20:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
06 Jul 2022, 14:23
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 4.0
v3 : 6.5 |
CWE | CWE-89 | |
CPE | cpe:2.3:a:ibm:db2:9.7:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* cpe:2.3:a:ibm:db2:11.5:*:*:*:*:*:*:* cpe:2.3:a:ibm:db2:10.5:*:*:*:*:*:*:* cpe:2.3:o:opengroup:unix:-:*:*:*:*:*:*:* cpe:2.3:a:ibm:db2:11.1:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* cpe:2.3:a:ibm:db2:10.1:*:*:*:*:*:*:* |
|
First Time |
Opengroup
Linux Opengroup unix Ibm Ibm db2 Microsoft Microsoft windows Linux linux Kernel |
|
References | (CONFIRM) https://www.ibm.com/support/pages/node/6598047 - Vendor Advisory | |
References | (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/221970 - VDB Entry, Vendor Advisory |
24 Jun 2022, 17:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-06-24 17:15
Updated : 2023-12-10 14:22
NVD link : CVE-2022-22389
Mitre link : CVE-2022-22389
CVE.ORG link : CVE-2022-22389
JSON object : View
Products Affected
linux
- linux_kernel
microsoft
- windows
opengroup
- unix
ibm
- db2
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')