CVE-2013-6717
First published: Thu Dec 19 2013(Updated: )
The OLAP query engine in IBM DB2 and DB2 Connect 9.7 through FP9, 9.8 through FP5, 10.1 through FP3, and 10.5 through FP2, and the DB2 pureScale Feature 9.8 for Enterprise Server Edition, allows remote authenticated users to cause a denial of service (database outage and deactivation) via unspecified vectors.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ibm Db2 | =9.7 | |
| Ibm Db2 | =9.7.0.1 | |
| Ibm Db2 | =9.7.0.2 | |
| Ibm Db2 | =9.7.0.3 | |
| Ibm Db2 | =9.7.0.4 | |
| Ibm Db2 | =9.7.0.5 | |
| Ibm Db2 | =9.7.0.6 | |
| Ibm Db2 | =9.7.0.7 | |
| Ibm Db2 | =9.7.0.8 | |
| Ibm Db2 | =9.7.0.9 | |
| IBM DB2 Connect | =9.7 | |
| IBM DB2 Connect | =9.7.0.1 | |
| IBM DB2 Connect | =9.7.0.2 | |
| IBM DB2 Connect | =9.7.0.3 | |
| IBM DB2 Connect | =9.7.0.4 | |
| IBM DB2 Connect | =9.7.0.5 | |
| IBM DB2 Connect | =9.7.0.6 | |
| IBM DB2 Connect | =9.7.0.7 | |
| IBM DB2 Connect | =9.7.0.8 | |
| IBM DB2 Connect | =9.7.0.9 | |
| Ibm Db2 | =9.8 | |
| Ibm Db2 | =9.8.0.3 | |
| Ibm Db2 | =9.8.0.4 | |
| Ibm Db2 | =9.8.0.5 | |
| IBM DB2 Connect | =9.8 | |
| IBM DB2 Connect | =9.8.0.3 | |
| IBM DB2 Connect | =9.8.0.4 | |
| IBM DB2 Connect | =9.8.0.5 | |
| Ibm Db2 | =10.5 | |
| Ibm Db2 | =10.5.0.1 | |
| Ibm Db2 | =10.5.0.2 | |
| IBM DB2 Connect | =10.5 | |
| IBM DB2 Connect | =10.5.0.1 | |
| IBM DB2 Connect | =10.5.0.2 | |
| IBM DB2 pureScale Feature | ||
| Ibm Db2 | =10.1 | |
| Ibm Db2 | =10.1.0.1 | |
| Ibm Db2 | =10.1.0.2 | |
| Ibm Db2 | =10.1.0.3 | |
| IBM DB2 Connect | =10.1 | |
| IBM DB2 Connect | =10.1.0.1 | |
| IBM DB2 Connect | =10.1.0.2 | |
| IBM DB2 Connect | =10.1.0.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://secunia.com/advisories/56451
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC95641
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC97737
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC97738
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC97762
- http://www-01.ibm.com/support/docview.wss?uid=swg21660041
- http://www.ibm.com/support/docview.wss?uid=swg21659490
- http://www.securityfocus.com/bid/64336
- https://exchange.xforce.ibmcloud.com/vulnerabilities/89116
Frequently Asked Questions
What is the severity of CVE-2013-6717?
CVE-2013-6717 has a moderate severity rating due to its potential to cause a denial of service in affected IBM DB2 instances.
How do I fix CVE-2013-6717?
To fix CVE-2013-6717, users should apply the appropriate IBM patches released for the affected versions of DB2.
Which versions of IBM DB2 are affected by CVE-2013-6717?
CVE-2013-6717 affects IBM DB2 versions 9.7 through FP9, 9.8 through FP5, 10.1 through FP3, and 10.5 through FP2.
What impact can CVE-2013-6717 have on my database?
CVE-2013-6717 can lead to a database outage and deactivation due to denial of service caused by remote authenticated users.
Are there any workarounds for CVE-2013-6717?
While it is recommended to apply patches, organizations might limit access controls for authenticated users as a temporary workaround against CVE-2013-6717.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/severity
- agent/references
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- vendor/ibm
- canonical/ibm db2
- version/ibm db2/9.7
- version/ibm db2/9.7.0.1
- version/ibm db2/9.7.0.2
- version/ibm db2/9.7.0.3
- version/ibm db2/9.7.0.4
- version/ibm db2/9.7.0.5
- version/ibm db2/9.7.0.6
- version/ibm db2/9.7.0.7
- version/ibm db2/9.7.0.8
- version/ibm db2/9.7.0.9
- canonical/ibm db2 connect
- version/ibm db2 connect/9.7
- version/ibm db2 connect/9.7.0.1
- version/ibm db2 connect/9.7.0.2
- version/ibm db2 connect/9.7.0.3
- version/ibm db2 connect/9.7.0.4
- version/ibm db2 connect/9.7.0.5
- version/ibm db2 connect/9.7.0.6
- version/ibm db2 connect/9.7.0.7
- version/ibm db2 connect/9.7.0.8
- version/ibm db2 connect/9.7.0.9
- version/ibm db2/9.8
- version/ibm db2/9.8.0.3
- version/ibm db2/9.8.0.4
- version/ibm db2/9.8.0.5
- version/ibm db2 connect/9.8
- version/ibm db2 connect/9.8.0.3
- version/ibm db2 connect/9.8.0.4
- version/ibm db2 connect/9.8.0.5
- version/ibm db2/10.5
- version/ibm db2/10.5.0.1
- version/ibm db2/10.5.0.2
- version/ibm db2 connect/10.5
- version/ibm db2 connect/10.5.0.1
- version/ibm db2 connect/10.5.0.2
- canonical/ibm db2 purescale feature
- version/ibm db2/10.1
- version/ibm db2/10.1.0.1
- version/ibm db2/10.1.0.2
- version/ibm db2/10.1.0.3
- version/ibm db2 connect/10.1
- version/ibm db2 connect/10.1.0.1
- version/ibm db2 connect/10.1.0.2
- version/ibm db2 connect/10.1.0.3