CVE-2013-4033

Sažetak

IBM DB2 and DB2 Connect 9.7 through FP8, 9.8 through FP5, 10.1 through FP2, and 10.5 through FP1 allow remote authenticated users to execute DML statements by leveraging EXPLAIN authority.

Reference

http://www-01.ibm.com/support/docview.wss?uid=swg1IC94523
http://www-01.ibm.com/support/docview.wss?uid=swg1IC94756
http://www-01.ibm.com/support/docview.wss?uid=swg1IC94757
http://www-01.ibm.com/support/docview.wss?uid=swg1IC94758
http://www-01.ibm.com/support/docview.wss?uid=swg21646809
https://exchange.xforce.ibmcloud.com/vulnerabilities/86093

CVSS

Base:	4.6
Impact:	6.4
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	HIGH	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:H/Au:S/C:P/I:P/A:P

Zadnje važnije ažuriranje

29-08-2017 - 01:33

Objavljeno

28-08-2013 - 13:13