IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.1, 10.5, and 11.1 could allow an authenticated user with CONNECT privileges to cause a denial of service using a specially crafted query. IBM X-Force ID: 272646.

Metrics

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

Vendors Products
Hp
  • Hp-ux
Ibm
  • Aix
  • Db2
  • Linux On Ibm Z
Linux
  • Linux Kernel
Microsoft
  • Windows
Oracle
  • Solaris

Configuration 1 [-]

AND
OR cpe:2.3:a:ibm:db2:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:*:*:*:*:*:*:*:*
OR cpe:2.3:o:hp:hp-ux:-:*:*:*:*:*:*:*
cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*
cpe:2.3:o:ibm:linux_on_ibm_z:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:*:*

No data.

References
Link Providers
https://exchange.xforce.ibmcloud.com/vulnerabilities/272646 cve-icon cve-icon
https://security.netapp.com/advisory/ntap-20240307-0002/ cve-icon cve-icon
https://www.ibm.com/support/pages/node/7105502 cve-icon cve-icon
History

Thu, 13 Feb 2025 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}
cve-icon MITRE

Status: PUBLISHED

Assigner: ibm

Published:

Updated: 2025-02-13T17:18:08.163Z

Reserved: 2023-11-09T11:31:41.193Z

Link: CVE-2023-47747

cve-icon Vulnrichment

Updated: 2024-08-02T21:16:43.648Z

cve-icon NVD

Status : Modified

Published: 2024-01-22T20:15:47.267

Modified: 2024-11-21T08:30:45.360

Link: CVE-2023-47747

cve-icon Redhat

No data.