7.5
CVE-2023-47152
- EPSS 0.08%
- Veröffentlicht 22.01.2024 20:15:46
- Zuletzt bearbeitet 21.11.2024 08:29:52
- Quelle psirt@us.ibm.com
- Teams Watchlist Login
- Unerledigt Login
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to an insecure cryptographic algorithm and to information disclosure in stack trace under exceptional conditions.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Db2 Version < 11.5.9
Ibm ≫ Aix Version-
Ibm ≫ Linux On Ibm Z Version-
Linux ≫ Linux Kernel Version-
Microsoft ≫ Windows Version-
Ibm ≫ Linux On Ibm Z Version-
Linux ≫ Linux Kernel Version-
Microsoft ≫ Windows Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.08% | 0.242 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| psirt@us.ibm.com | 5.9 | 2.2 | 3.6 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
|
CWE-209 Generation of Error Message Containing Sensitive Information
The product generates an error message that includes sensitive information about its environment, users, or associated data.