5.9

CVE-2017-1519

IBM DB2 10.5 and 11.1 contains a denial of service vulnerability. A remote user can cause disruption of service for DB2 Connect Server setup with a particular configuration. IBM X-Force ID: 129829.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmDb2 Version10.5
   LinuxLinux Kernel Version-
   MicrosoftWindows Version-
IbmDb2 Version10.5.0.1
   LinuxLinux Kernel Version-
   MicrosoftWindows Version-
IbmDb2 Version10.5.0.2
   LinuxLinux Kernel Version-
   MicrosoftWindows Version-
IbmDb2 Version10.5.0.3
   LinuxLinux Kernel Version-
   MicrosoftWindows Version-
IbmDb2 Version10.5.0.3 Updatea
   LinuxLinux Kernel Version-
   MicrosoftWindows Version-
IbmDb2 Version10.5.0.4
   LinuxLinux Kernel Version-
   MicrosoftWindows Version-
IbmDb2 Version10.5.0.5
   LinuxLinux Kernel Version-
   MicrosoftWindows Version-
IbmDb2 Version10.5.0.6
   LinuxLinux Kernel Version-
   MicrosoftWindows Version-
IbmDb2 Version10.5.0.7
   LinuxLinux Kernel Version-
   MicrosoftWindows Version-
IbmDb2 Version11.1.0.0
   LinuxLinux Kernel Version-
   MicrosoftWindows Version-
IbmDb2 Connect Version10.5
   LinuxLinux Kernel Version-
   MicrosoftWindows Version-
IbmDb2 Connect Version10.5.0.1
   LinuxLinux Kernel Version-
   MicrosoftWindows Version-
IbmDb2 Connect Version10.5.0.2
   LinuxLinux Kernel Version-
   MicrosoftWindows Version-
IbmDb2 Connect Version10.5.0.3
   LinuxLinux Kernel Version-
   MicrosoftWindows Version-
IbmDb2 Connect Version10.5.0.4
   LinuxLinux Kernel Version-
   MicrosoftWindows Version-
IbmDb2 Connect Version10.5.0.5
   LinuxLinux Kernel Version-
   MicrosoftWindows Version-
IbmDb2 Connect Version10.5.0.6
   LinuxLinux Kernel Version-
   MicrosoftWindows Version-
IbmDb2 Connect Version10.5.0.7
   LinuxLinux Kernel Version-
   MicrosoftWindows Version-
IbmDb2 Connect Version11.1.0.0
   LinuxLinux Kernel Version-
   MicrosoftWindows Version-
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.73% 0.747
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.9 2.2 3.6
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:N/A:P
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://www.ibm.com/support/docview.wss?uid=swg22007183
Patch
Vendor Advisory
http://www.securityfocus.com/bid/100688
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039298
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/129829
Vendor Advisory