Multiple Adobe Experience Manager Vulnerabilities
June 14, 2024Scammers Pose as CISA Employees to Commit Financial Theft
June 14, 2024Multiple Adobe Experience Manager Vulnerabilities
June 14, 2024Scammers Pose as CISA Employees to Commit Financial Theft
June 14, 2024Severity
Medium
Analysis Summary
CVE-2023-29267 CVSS:5.9
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as a trap may occur when selecting from certain types of tables.
CVE-2024-28762 CVSS:5.3
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query under certain conditions.
CVE-2024-31880 CVSS:5.3
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service, under specific configurations, as the server may crash when using a specially crafted SQL statement by an authenticated user.
Impact
- Denial of Service
Indicators of Compromise
CVE
- CVE-2023-29267
- CVE-2024-28762
- CVE-2024-31880
Affected Vendors
Affected Products
- IBM DB2 for Linux and UNIX and Windows 11.1
- IBM DB2 for Linux and UNIX and Windows 10.5
- IBM DB2 for Linux and UNIX and Windows 11.5
Remediation
Refer to IBM Security Advisory for patch, upgrade or suggested workaround information.