CVE-2022-22390

EUVD-2022-27536
IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 may be vulnerable to an information disclosure caused by improper privilege management when table function is used. IBM X-Force ID: 221973.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
ibmCNA
6.2 MEDIUM
LOCAL
LOW
NONE
CVSS:3.0/AC:L/PR:N/UI:N/A:N/C:H/I:N/S:U/AV:L/RC:C/E:U/RL:O
Base Score
CVSS 3.x
EPSS Score
Percentile: 28%
Affected Products (NVD)
VendorProductVersion
ibmdb2
9.7
ibmdb2
10.1
ibmdb2
10.5
ibmdb2
11.1
ibmdb2
11.5
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/221973
https://security.netapp.com/advisory/ntap-20220729-0007/
https://www.ibm.com/support/pages/node/6597993
https://exchange.xforce.ibmcloud.com/vulnerabilities/221973
https://security.netapp.com/advisory/ntap-20220729-0007/
https://www.ibm.com/support/pages/node/6597993