4

CVE-2010-3475

EPSS 1.05%
Veröffentlicht 20.09.2010 22:00:04
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

IBM DB2 9.7 before FP3 does not properly enforce privilege requirements for execution of entries in the dynamic SQL cache, which allows remote authenticated users to bypass intended access restrictions by leveraging the cache to execute an UPDATE statement contained in a compiled compound SQL statement.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 12

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Ibm ≫ Db2 Version9.7

Ibm ≫ Db2 Version9.7.0.1

Ibm ≫ Db2 Version9.7.0.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.05%	0.755

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4	8	2.9	AV:N/AC:L/Au:S/C:N/I:P/A:N

http://secunia.com/advisories/41444

Vendor Advisory

http://www.ibm.com/support/docview.wss?uid=swg21446455

http://www.securityfocus.com/bid/43291

http://www.vupen.com/english/advisories/2010/2425

Vendor Advisory

http://osvdb.org/68122

http://www-01.ibm.com/support/docview.wss?uid=swg1IC70406

http://www.securitytracker.com/id?1024458

https://exchange.xforce.ibmcloud.com/vulnerabilities/61873

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14609

https://nvd.nist.gov/vuln/detail/CVE-2010-3475

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2010-3475

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2010-3475

EUVD