CVE-2023-52296 | THREATINT

Assigner	ibm
Reserved	2023-12-31
Published	2024-04-03
Updated	2024-06-04

Description

IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to denial of service when querying a specific UDF built-in function concurrently. IBM X-Force ID: 278547.

MEDIUM: 5.3

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Problem types

CWE-20 Improper Input Validation

Product status

Default status

unaffected

11.5

affected

References

https://www.ibm.com/support/pages/node/7145722 vendor-advisory

https://https://exchange.xforce.ibmcloud.com/vulnerabilities/278547 vdb-entry

cve.org CVE-2023-52296

nvd.nist.gov CVE-2023-52296

Download JSON