Vulnerabilities > CVE-2021-29678 - Incorrect Authorization vulnerability in multiple products

047910
CVSS 5.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
NONE
network
low complexity
ibm
netapp
CWE-863

Summary

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a user with DBADM authority to access other databases and read or modify files. IBM X-Force ID: 199914.

Vulnerable Configurations

Part Description Count
Application
Ibm
5
Application
Netapp
1
OS
Hp
1
OS
Ibm
1
OS
Linux
1
OS
Microsoft
1
OS
Oracle
1

Common Weakness Enumeration (CWE)