9.1
CVE-2026-3856
- EPSS 0.01%
- Veröffentlicht 17.03.2026 22:20:14
- Zuletzt bearbeitet 19.03.2026 14:20:39
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
IBM Db2 Recovery Expert Missing Integrity Check
IBM Db2 Recovery Expert for Linux, UNIX and Windows 5.5 IF 2 could allow an attacker to modify or corrupt data due to an insecure mechanism used for verifying the integrity of the data during transmission.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Db2 Recovery Expert Version5.5.0 Updateinterim_fix_002 SwPlatformlinux
Ibm ≫ Db2 Recovery Expert Version5.5.0 Updateinterim_fix_002 SwPlatformunix
Ibm ≫ Db2 Recovery Expert Version5.5.0 Updateinterim_fix_002 SwPlatformwindows
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.01% | 0.005 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.1 | 3.9 | 5.2 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
|
| psirt@us.ibm.com | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
|
CWE-353 Missing Support for Integrity Check
The product uses a transmission protocol that does not include a mechanism for verifying the integrity of the data during transmission, such as a checksum.