| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 5.8 | $0-$5k | 0.00 |
Summary
A vulnerability was found in IBM DB2 9.7/10.1/10.5/11.1. It has been classified as critical. This vulnerability affects unknown code of the component Command Line. Performing a manipulation results in memory corruption. This vulnerability is known as CVE-2017-1297. Attacking locally is a requirement. Furthermore, an exploit is available. Applying a patch is the recommended action to fix this issue. Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Details
A vulnerability, which was classified as critical, was found in IBM DB2 9.7/10.1/10.5/11.1 (Database Software). This affects an unknown code block of the component Command Line. The manipulation with an unknown input leads to a memory corruption vulnerability. CWE is classifying the issue as CWE-119. The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer. This is going to have an impact on confidentiality, integrity, and availability.
The bug was discovered 06/22/2017. The weakness was published 06/22/2017 by Leon Juranic and Bosko Stankovic as swg22004878 as confirmed security bulletin (Website). The advisory is shared at www-01.ibm.com. This vulnerability is uniquely identified as CVE-2017-1297 since 11/30/2016. An attack has to be approached locally. The requirement for exploitation is a authentication. Technical details are unknown but a public exploit is available.
A public exploit has been developed by defensecode and been published 4 days after the advisory. The exploit is shared for download at exploit-db.com. It is declared as proof-of-concept. The vulnerability scanner Nessus provides a plugin with the ID 101161 (IBM DB2 9.7 < FP11 Special Build 36621 / 10.1 < FP6 Special Build 36610 / 10.5 < FP8 Special Build 36605 / 11.1.2 < FP2 Multiple Vulnerabilities (UNIX)), which helps to determine the existence of the flaw in a target environment. It is assigned to the family Databases and running in the context l. The commercial vulnerability scanner Qualys is able to test this issue with plugin 20049 (IBM DB2 LUW Command Line Processor Buffer Overflow Vulnerability (swg22004878)).
Applying the patch 11.1.2 FP2/APARs IT20498/IT20570/IT20571 is able to eliminate this problem. A possible mitigation has been published immediately after the disclosure of the vulnerability.
The vulnerability is also documented in the databases at Exploit-DB (42260), Tenable (101161), SecurityFocus (BID 99271†) and SecurityTracker (ID 1038772†). Similar entry is available at VDB-102766. Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Affected
- IBM DB2 Connect Server
Product
Type
Vendor
Name
Version
License
Website
- Vendor: https://www.ibm.com/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 6.0VulDB Meta Temp Score: 5.8
VulDB Base Score: 5.3
VulDB Temp Score: 4.8
VulDB Vector: 🔍
VulDB Reliability: 🔍
Vendor Base Score (IBM): 5.3
Vendor Vector (IBM): 🔍
NVD Base Score: 7.3
NVD Vector: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Memory corruptionCWE: CWE-119
CAPEC: 🔍
ATT&CK: 🔍
Physical: Partially
Local: Yes
Remote: Partially
Availability: 🔍
Access: Public
Status: Proof-of-Concept
Author: defensecode
Download: 🔍
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 101161
Nessus Name: IBM DB2 9.7 < FP11 Special Build 36621 / 10.1 < FP6 Special Build 36610 / 10.5 < FP8 Special Build 36605 / 11.1.2 < FP2 Multiple Vulnerabilities (UNIX)
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
Nessus Context: 🔍
OpenVAS ID: 802735
OpenVAS Name: IBM DB2 Command Line Processor Buffer Overflow Vulnerability Jun17
OpenVAS File: 🔍
OpenVAS Family: 🔍
Qualys ID: 🔍
Qualys Name: 🔍
Exploit-DB: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: PatchStatus: 🔍
Reaction Time: 🔍
0-Day Time: 🔍
Exposure Time: 🔍
Exploit Delay Time: 🔍
Patch: 11.1.2 FP2/APARs IT20498/IT20570/IT20571
Timeline
11/30/2016 🔍06/22/2017 🔍
06/22/2017 🔍
06/22/2017 🔍
06/22/2017 🔍
06/22/2017 🔍
06/23/2017 🔍
06/26/2017 🔍
06/26/2017 🔍
06/27/2017 🔍
06/30/2017 🔍
04/03/2025 🔍
Sources
Vendor: ibm.comAdvisory: swg22004878
Researcher: Leon Juranic, Bosko Stankovic
Status: Confirmed
Confirmation: 🔍
CVE: CVE-2017-1297 (🔍)
GCVE (CVE): GCVE-0-2017-1297
GCVE (VulDB): GCVE-100-102765
X-Force: 125159
SecurityFocus: 99271 - IBM DB2 CVE-2017-1297 Local Buffer Overflow Vulnerability
SecurityTracker: 1038772
scip Labs: https://www.scip.ch/en/?labs.20161013
See also: 🔍
Entry
Created: 06/23/2017 10:02 AMUpdated: 04/03/2025 07:02 AM
Changes: 06/23/2017 10:02 AM (99), 10/25/2019 05:52 PM (5), 12/29/2020 02:35 PM (3), 04/03/2025 07:02 AM (15)
Complete: 🔍
Cache ID: 244:27B:40
No comments yet. Languages: en.
Please log in to comment.