CVE-2014-0919

Sažetak

IBM DB2 9.5 through 10.5 on Linux, UNIX, and Windows stores passwords during the processing of certain SQL statements by the monitoring and audit facilities, which allows remote authenticated users to obtain sensitive information via commands associated with these facilities.

Reference

http://www.securityfocus.com/bid/74217
http://www.securitytracker.com/id/1032247
http://www-01.ibm.com/support/docview.wss?uid=swg1IT07397
http://www-01.ibm.com/support/docview.wss?uid=swg1IT07547
http://www-01.ibm.com/support/docview.wss?uid=swg1IT07552
http://www-01.ibm.com/support/docview.wss?uid=swg1IT07553
http://www-01.ibm.com/support/docview.wss?uid=swg1IT07554
http://www-01.ibm.com/support/docview.wss?uid=swg21698021

CVSS

Base:	4.0
Impact:	2.9
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:S/C:P/I:N/A:N

Zadnje važnije ažuriranje

28-11-2016 - 19:10

Objavljeno

08-05-2015 - 01:59