Improper Privilege Assignment in IBM DB2 UDB Software
CVE-2007-6051

Currently unrated

Key Information:

Vendor: IBM
Status: Db2 Universal Database
Vendor: CVE Published:; 20 November 2007

Summary

IBM DB2 UDB 9.1, prior to Fixpak 4, exposes a security concern due to the incorrect assignment of privileges to the DB2ADMNS and DB2USERS alternative groups. This misconfiguration can lead to potential risks, as the specific effects of this vulnerability remain unclear from vendor documentation. Organizations utilizing this version of IBM DB2 UDB are advised to review their privilege settings and apply appropriate security measures.

References

http://www-1.ibm.com/support/docview.wss?uid=swg21255607

x_refsource_CONFIRM

http://osvdb.org/41011

vdb-entryx_refsource_OSVDB

http://www-1.ibm.com/support/docview.wss?uid=swg1JR26854

vendor-advisoryx_refsource_AIXAPAR

Timeline

Vulnerability published
Nov 20, 2007
Vulnerability Reserved
Nov 20, 2007