5.5
CVE-2025-13755
- EPSS 0.11%
- Veröffentlicht 26.05.2026 15:46:55
- Zuletzt bearbeitet 27.05.2026 13:49:05
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
IBM® Db2® is vulnerable to credential exposure in db2diag when executing specific testcase buckets
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows (includes DB2 Connect Server) stores potentially sensitive information in log files that could be read by a local user.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.11% | 0.014 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| psirt@us.ibm.com | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
|
CWE-532 Insertion of Sensitive Information into Log File
The product writes sensitive information to a log file.
https://www.ibm.com/support/pages/node/7273554