Vulnerabilities > CVE-2021-29678 - Incorrect Authorization vulnerability in multiple products
Attack vector
NETWORK Attack complexity
LOW Privileges required
HIGH Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
NONE Summary
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a user with DBADM authority to access other databases and read or modify files. IBM X-Force ID: 199914.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 5 | |
Application | 1 | |
OS | 1 | |
OS | 1 | |
OS | 1 | |
OS | 1 | |
OS | 1 |
Common Weakness Enumeration (CWE)
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/199914
- https://exchange.xforce.ibmcloud.com/vulnerabilities/199914
- https://security.netapp.com/advisory/ntap-20220114-0002/
- https://security.netapp.com/advisory/ntap-20220114-0002/
- https://www.ibm.com/support/pages/node/6523806
- https://www.ibm.com/support/pages/node/6523806