First published: Tue Sep 13 2022(Updated: )
IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to an information disclosure in some scenarios due to unauthorized access caused by improper privilege management when CREATE OR REPLACE command is used. IBM X-Force ID: 225979.
Credit: psirt@us.ibm.com psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
Ibm Db2 | =9.7.0.0 | |
Ibm Db2 | =9.7.0.0 | |
Ibm Db2 | =9.7.0.0 | |
Ibm Db2 | =10.1 | |
Ibm Db2 | =10.1 | |
Ibm Db2 | =10.1 | |
Ibm Db2 | =10.5 | |
Ibm Db2 | =10.5 | |
Ibm Db2 | =10.5 | |
Ibm Db2 | =11.1 | |
Ibm Db2 | =11.1 | |
Ibm Db2 | =11.1 | |
Ibm Db2 | =11.5 | |
Ibm Db2 | =11.5 | |
Ibm Db2 | =11.5 | |
HP HP-UX | ||
IBM AIX | ||
Linux Linux kernel | ||
Microsoft Windows | ||
Oracle Solaris |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2022-22483.
The severity level of CVE-2022-22483 is medium with a severity value of 6.5.
Versions 9.7, 10.1, 10.5, 11.1, and 11.5 of IBM Db2 for Linux, UNIX, and Windows are affected by CVE-2022-22483.
CVE-2022-22483 is caused by unauthorized access due to improper privilege management when using the CREATE OR REPLACE command.
No, other operating systems such as HP-UX, IBM AIX, Linux kernel, Microsoft Windows, and Oracle Solaris are not vulnerable to CVE-2022-22483.