CVE-2023-29267

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Jun 12, 2024

Updated: Aug 7, 2024

CWE ID 399

Summary

CVE-2023-29267 is a denial-of-service vulnerability affecting IBM Db2 for Linux, UNIX, and Windows versions 10.5, 11.1, and 11.5. An authenticated user can exploit this vulnerability by using a specially crafted SQL statement, potentially causing the server to crash. IBM's X-Force has assigned the ID 287612 to this issue. This vulnerability could lead to a significant disruption of services if exploited. It is crucial for organizations using the affected versions of Db2 to apply the necessary patches as soon as possible to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

IBM DB2

Affected Vendors

IBM Corporation

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/wbS29h
https://www.cve.org/CVERecord?id=CVE-2023-29267
https://nvd.nist.gov/vuln/detail/CVE-2023-29267

Back to Vulnerability Database