CVE-2010-3197
First published: Tue Aug 31 2010(Updated: )
IBM DB2 9.7 before FP2 does not perform the expected access control on the monitor administrative views in the SYSIBMADM schema, which allows remote attackers to obtain sensitive information via unspecified vectors.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM DB2 Universal Database | =9.7-fp1 | |
| IBM DB2 Universal Database | =9.7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2010-3197?
CVE-2010-3197 is classified as a moderate severity vulnerability due to unauthorized access to sensitive information.
How do I fix CVE-2010-3197?
To mitigate CVE-2010-3197, upgrade IBM DB2 to version 9.7 FP2 or later.
What type of access does CVE-2010-3197 exploit?
CVE-2010-3197 exploits insufficient access control on the monitor administrative views in the SYSIBMADM schema.
Who is affected by CVE-2010-3197?
CVE-2010-3197 affects installations of IBM DB2 version 9.7 before FP2.
What are potential consequences of CVE-2010-3197?
The exploitation of CVE-2010-3197 may lead to remote attackers obtaining sensitive information from the database.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/weakness
- agent/severity
- agent/author
- agent/references
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/ibm
- canonical/ibm db2 universal database
- version/ibm db2 universal database/9.7-fp1
- version/ibm db2 universal database/9.7