Denial of Service Vulnerability in IBM Db2 Products
CVE-2023-30443
6.5 MEDIUM
Summary
CVE-2023-30443 is a denial-of-service vulnerability, rated 6.5 (Medium) under CVSS v3.1, affecting IBM Db2 for Linux, UNIX, and Windows, including the Db2 Connect Server. An attacker with low privileges and network access can execute a specially crafted query that leads to a denial of service (DoS), impacting the availability and performance of the affected systems. Users of Db2 versions 10.5, 11.1, and 11.5 should take immediate action to apply available patches and implement mitigating controls to safeguard their environments against potential exploits.
Affected Version(s)
Db2 for Linux, UNIX and Windows 10.5, 11.1, 11.5
CVSS V3.1
Score: 6.5
Severity: MEDIUM
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Timeline
Vulnerability published
Vulnerability Reserved