PT-2010-5033 · Ibm · Ibm Db2 Udb

Published

2010-10-05

Updated

2010-10-06

CVE-2010-3739

CVSS v2.0

6.4

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions IBM DB2 UDB version 9.5 before FP6a

Description The issue affects the audit facility in the Security component, where instance-level audit settings are used to capture connection events, such as CONNECT and AUTHENTICATION, under certain circumstances. This might allow remote attackers to connect without being detected, as the database-level audit settings are not applied as intended.

Recommendations For IBM DB2 UDB version 9.5 before FP6a, apply FP6a to resolve the issue.

Fix

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

CVE-2010-3739

Affected Products

Ibm Db2 Udb

PT-2010-5033 · Ibm · Ibm Db2 Udb

CVE-2010-3739

Weakness Enumeration

Related Identifiers

Affected Products

References · 3