CVE-2023-40692

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Dec 4, 2023

Updated: Jan 19, 2024

CWE ID 400

Summary

CVE-2023-40692 is a denial-of-service vulnerability affecting IBM Db2 for Linux, UNIX, and Windows versions 10.5, 11.1, and 11.5. Under extreme stress conditions, an attacker can exploit this weakness to cause the database management system to become unresponsive, rendering it inaccessible to legitimate users. IBM's X-Force has assigned ID 264807 to this issue. This vulnerability may lead to significant downtime and data loss if not addressed promptly. IBM strongly recommends users apply the available patch to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

IBM DB2

Affected Vendors

IBM Corporation

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sY5v4t
https://www.cve.org/CVERecord?id=CVE-2023-40692
https://nvd.nist.gov/vuln/detail/CVE-2023-40692

Back to Vulnerability Database