CVE-2013-4033

EUVD-2013-3964
IBM DB2 and DB2 Connect 9.7 through FP8, 9.8 through FP5, 10.1 through FP2, and 10.5 through FP1 allow remote authenticated users to execute DML statements by leveraging EXPLAIN authority.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.6 UNKNOWN
NETWORK
HIGH
AV:N/AC:H/Au:S/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 76%
Affected Products (NVD)
VendorProductVersion
ibmdb2
9.7
ibmdb2
9.8
ibmdb2
10.1
ibmdb2
10.5
ibmdb2_connect
9.5
ibmdb2_connect
9.7
ibmdb2_connect
9.8
ibmdb2_connect
10.1
ibmdb2_connect
10.5
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=swg1IC94523
http://www-01.ibm.com/support/docview.wss?uid=swg1IC94756
http://www-01.ibm.com/support/docview.wss?uid=swg1IC94757
http://www-01.ibm.com/support/docview.wss?uid=swg1IC94758
http://www-01.ibm.com/support/docview.wss?uid=swg21646809
https://exchange.xforce.ibmcloud.com/vulnerabilities/86093
http://www-01.ibm.com/support/docview.wss?uid=swg1IC94523
http://www-01.ibm.com/support/docview.wss?uid=swg1IC94756
http://www-01.ibm.com/support/docview.wss?uid=swg1IC94757
http://www-01.ibm.com/support/docview.wss?uid=swg1IC94758
http://www-01.ibm.com/support/docview.wss?uid=swg21646809
https://exchange.xforce.ibmcloud.com/vulnerabilities/86093