Vulnerabilities > IBM > DB2 Tools FOR Z OS > 2.3.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-11-11 | CVE-2011-4435 | Permissions, Privileges, and Access Controls vulnerability in IBM DB2 Tools for Z/Os 2.3.0 The web-server component in the Consolidation and Analysis Engine (CAE) Server in DB2 Query Monitor in IBM DB2 Tools 2.3.0 for z/OS does not prevent directory browsing, which allows remote attackers to obtain sensitive information via HTTP requests. | 5.0 |