CVE-2023-29256

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Jul 10, 2023

Updated: Jul 31, 2023

CWE ID 269

Summary

CVE-2023-29256 is a newly discovered vulnerability affecting IBM Db2 for Linux, UNIX, and Windows versions 10.5, 11.1, and 11.5. This issue stems from improper privilege management in specific federation features, potentially leading to information disclosure. IBM X-Force has assigned the ID 252046 to this vulnerability. IBM users are advised to update their software or apply relevant patches as soon as possible to mitigate the risk of unauthorized data access.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

IBM DB2

Affected Vendors

IBM Corporation

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/r5ksrF
https://www.cve.org/CVERecord?id=CVE-2023-29256
https://nvd.nist.gov/vuln/detail/CVE-2023-29256

Back to Vulnerability Database