CVE-2023-46167

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Dec 4, 2023

Updated: Jan 12, 2024

CWE ID 20

Summary

CVE-2023-46167 is a denial-of-service vulnerability affecting IBM Db2 for Linux, UNIX, and Windows versions 11.5 and its federated server. An attacker can cause the server to crash by using a specifically crafted cursor. IBM's X-Force has assigned ID 269367 to this issue. This vulnerability may lead to extended downtime or disruptions to databases relying on Db2 federated servers. Organizations running the affected version are recommended to apply the necessary patches or updates as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

IBM DB2

Affected Vendors

IBM Corporation

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tDE9NV
https://www.cve.org/CVERecord?id=CVE-2023-46167
https://nvd.nist.gov/vuln/detail/CVE-2023-46167

Back to Vulnerability Database