CVE-2023-40373

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Oct 17, 2023

Updated: Dec 22, 2023

CWE ID 20

Summary

CVE-2023-40373 is a newly disclosed vulnerability affecting IBM Db2 for Linux, UNIX and Windows, as well as Db2 Connect Server. Hackers can exploit this weakness by sending specially crafted queries containing common table expressions, leading to a denial of service condition. IBM's X-Force team has assigned the ID 263574 to this issue. Organizations using the impacted software versions are recommended to apply the upcoming patch or implement protective measures to mitigate the risk of denial of service attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

IBM DB2

Affected Vendors

IBM Corporation

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sWEdwy
https://www.cve.org/CVERecord?id=CVE-2023-40373
https://nvd.nist.gov/vuln/detail/CVE-2023-40373

Back to Vulnerability Database