Ibm Db2 Universal Database 漏洞

时间轴

版本

9.0	26
7.x	16
8.x	14
8.0	14
8.1	12

修正

Official Fix	94
Temporary Fix	0
Workaround	2
Unavailable	2
Not Defined	8

易受攻击性

High	2
Functional	0
Proof-of-Concept	46
Unproven	4
Not Defined	54

访问向量

Not Defined	0
Physical	0
Local	20
Adjacent	4
Network	82

身份验证

Not Defined	0
High	0
Low	32
None	74

用户交互

Not Defined	0
Required	0
None	106

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	2
≤5	0
≤6	28
≤7	22
≤8	6
≤9	2
≤10	46

CVSSv3 Temp

≤1	0
≤2	0
≤3	0
≤4	2
≤5	8
≤6	34
≤7	14
≤8	0
≤9	34
≤10	14

VulDB

≤1	0
≤2	0
≤3	0
≤4	2
≤5	0
≤6	28
≤7	22
≤8	6
≤9	2
≤10	46

NVD

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

供应商

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

零日攻击

<1k	0
<2k	0
<5k	8
<10k	28
<25k	26
<50k	40
<100k	4
≥100k	0

本日攻击

<1k	100
<2k	0
<5k	2
<10k	0
<25k	4
<50k	0
<100k	0
≥100k	0

攻击市场容量

🔴 CTI 活动

Affected Versions (23): 6.0, 6.1, 7, 7 FP12, 7.0, 7.1, 7.2 FP9, 8 FP12, 8 FP13, 8.0, 8.1, 8.1 FP6, 8.1 FP8, 8.2, 8.2 FP3, 8.2 FP16, 9.0, 9.1, 9.1 FP2, 9.2, 9.3, 9.4, XP

Link to Product Website: https://www.ibm.com/

软件类型: Database Software

已发布	Base	Temp	漏洞	0day	今天	易	修正	CTI	CVE
2010-10-05	6.5	6.2	IBM DB2 Universal Database Audit Facility 弱身份验证	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2010-3739
2010-04-23	6.3	5.7	IBM DB2 Universal Database Data 弱加密	$25k-$100k	$0-$5k	Proof-of-Concept	Official Fix	0.00	CVE-2009-3555
2009-12-02	5.9	5.3	IBM DB2 Universal Database User Account 权限升级	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.02	CVE-2009-4150
2009-01-16	5.3	4.8	IBM DB2 Universal Database 权限升级	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.03	CVE-2009-0173
2009-01-16	5.3	4.8	IBM DB2 Universal Database 权限升级	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.05	CVE-2009-0172
2008-09-08	9.8	9.4	IBM DB2 Universal Database 权限升级	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2008-3960
2008-08-28	9.8	8.8	IBM DB2 Universal Database 信息公开	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.00	CVE-2008-3857
2008-08-28	9.8	9.4	IBM DB2 Universal Database 权限升级	$25k-$100k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2008-3856
2008-08-28	9.8	8.8	IBM DB2 Universal Database Administration Server DAS 权限升级	$25k-$100k	$0-$5k	Proof-of-Concept	Official Fix	0.00	CVE-2008-3855
2008-08-28	9.8	8.8	IBM DB2 Universal Database sqlrlaka 内存损坏	$25k-$100k	$0-$5k	Proof-of-Concept	Official Fix	0.00	CVE-2008-3854
2008-08-28	10.0	9.5	IBM DB2 Universal Database DAS 内存损坏	$25k-$100k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2008-3853
2008-08-28	9.8	8.8	IBM DB2 Universal Database Stored Procedure 权限升级	$25k-$100k	$0-$5k	Proof-of-Concept	Official Fix	0.00	CVE-2008-3852
2008-06-09	5.3	5.3	IBM DB2 Universal Database Local Privilege Escalation	$25k-$100k	$0-$5k	Not Defined	Not Defined	0.02
2008-04-16	9.3	8.4	IBM DB2 Universal Database Administration Server 内存损坏	$25k-$100k	$0-$5k	Proof-of-Concept	Official Fix	0.00	CVE-2007-5758
2008-04-16	8.4	7.6	IBM DB2 Universal Database Administration Server 权限升级	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.00	CVE-2007-5664
2008-02-12	5.3	5.3	IBM DB2 Universal Database Local Privilege Escalation	$25k-$100k	$0-$5k	Not Defined	Not Defined	0.04
2008-02-04	9.8	9.4	IBM DB2 Universal Database JAR File Administration 拒绝服务	$25k-$100k	$0-$5k	Not Defined	Official Fix	0.04	CVE-2007-3676
2008-02-04	9.8	9.4	IBM DB2 Universal Database SYSPROC.NNSTAT 拒绝服务	$25k-$100k	$0-$5k	Not Defined	Official Fix	0.08	CVE-2007-3676
2008-02-04	9.8	8.5	IBM DB2 Universal Database ATTACH 拒绝服务	$5k-$25k	$0-$5k	Unproven	Official Fix	0.00	CVE-2007-3676
2008-02-04	9.9	8.9	IBM DB2 Universal Database SetUID Binary 内存损坏	$25k-$100k	$0-$5k	Proof-of-Concept	Official Fix	0.00	CVE-2008-0699
2008-02-04	9.8	8.8	IBM DB2 Universal Database DB2DART 内存损坏	$25k-$100k	$0-$5k	Proof-of-Concept	Official Fix	0.02	CVE-2008-0698
2008-02-04	9.1	8.2	IBM DB2 Universal Database DB2 Commands 权限升级	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.00	CVE-2008-0697
2008-02-04	9.8	8.8	IBM DB2 Universal Database SYSPROC.ADMIN_SP_C 权限升级	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.05	CVE-2008-0696
2008-02-04	9.8	8.5	IBM DB2 Universal Database DAS 权限升级	$25k-$100k	$0-$5k	Unproven	Official Fix	0.00	CVE-2007-5757
2008-02-04	4.8	4.3	IBM DB2 Universal Database DB2PD DB2INSTANCE 权限升级	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.04	CVE-2008-0696

81 更多条目未显示

🔒 Login Required

You need to signup and login to see more of the remaining 81 results.

更多条目由 Ibm

◂ 上一步一览下一步 ▸

Do you need the next level of professionalism?

Upgrade your account now!