CVE-2023-38727

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Dec 4, 2023

Updated: Jan 19, 2024

CWE ID 20

Summary

CVE-2023-38727 is a denial-of-service vulnerability affecting IBM Db2 for Linux, UNIX, and Windows versions 10.5, 11.1, and 11.5. A maliciously crafted SQL statement can cause the database to become unresponsive, preventing legitimate users from accessing the system (IBM X-Force ID: 262257). This issue may result in significant downtime and disrupt business operations that rely on the affected Db2 instances. IBM strongly advises users to apply the available patches as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

IBM DB2

Affected Vendors

IBM Corporation

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sGxfAJ
https://www.cve.org/CVERecord?id=CVE-2023-38727
https://nvd.nist.gov/vuln/detail/CVE-2023-38727

Back to Vulnerability Database