
Multiple IBM Db2 Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2023-29267 CVSS:5.9

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as a trap may occur when selecting from certain types of tables.

CVE-2024-28762 CVSS:5.3

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service with a specially crafted query under certain conditions.

CVE-2024-31880 CVSS:5.3

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service, under specific configurations, as the server may crash when an authenticated user issues a specially crafted SQL statement.

Impact

  • Denial of Service

Indicators of Compromise

CVE

  • CVE-2023-29267
  • CVE-2024-28762
  • CVE-2024-31880

Affected Vendors

IBM

Affected Products

  • IBM DB2 for Linux and UNIX and Windows 11.1
  • IBM DB2 for Linux and UNIX and Windows 10.5
  • IBM DB2 for Linux and UNIX and Windows 11.5

Remediation

Refer to the IBM Security Advisory for each CVE for patch, upgrade, or suggested workaround information:

  • CVE-2023-29267
  • CVE-2024-28762
  • CVE-2024-31880