Request a Demo
Rewterz
Rewterz Threat Advisory – CVE-2021-38997 – IBM API Connect HOST Vulnerability
December 2, 2022
Rewterz
Rewterz Threat Advisory – Multiple IBM WebSphere Automation Vulnerabilities
December 2, 2022

Rewterz Threat Advisory – CVE-2022-41296 – IBM Db2U Vulnerability

Severity

Medium

Analysis Summary

CVE-2022-41296

IBM Db2U 3.5, 4.0, and 4.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.

Impact

Gain Access

Indicators Of Compromise

CVE

  • CVE-2022-41296

Affected Vendors

IBM

Affected Products

  • IBM Db2 Warehouse on Cloud Pak for Data 3.5
  • IBM Db2 Warehouse on Cloud Pak for Data 4.0
  • IBM Db2 on Cloud Pak for Data 3.5
  • IBM Db2 on Cloud Pak for Data 4.0
  • IBM Db2 on Cloud Pak for Data 4.5
  • IBM Db2 Warehouse on Cloud Pak for Data 4.5

Remediation

Refer to IBM Security Bulletin for patch, upgrade or suggested workaround information.

IBM Security Bulletin