7.5
CVE-2022-43930
- EPSS 0.1%
- Veröffentlicht 17.02.2023 18:15:11
- Zuletzt bearbeitet 21.11.2024 07:27:22
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
LoginIBM Db2 for Linux, UNIX and Windows information disclosure
IBM Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 is vulnerable to an Information Disclosure as sensitive information may be included in a log file. IBM X-Force ID: 241677.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.1% | 0.266 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| psirt@us.ibm.com | 6.2 | 2.5 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
CWE-532 Insertion of Sensitive Information into Log File
The product writes sensitive information to a log file.