CVE-2022-22389

Name of the Vulnerable Software and Affected Versions IBM Db2 for Linux, UNIX and Windows versions 9.7, 10.1, 10.5, 11.1, and 11.5

Description The issue allows an authenticated user to execute specially crafted SQL statements, potentially causing the server to terminate abnormally, resulting in a denial of service.

Recommendations For IBM Db2 for Linux, UNIX and Windows versions 9.7, 10.1, 10.5, 11.1, and 11.5, consider restricting access to authenticated users to minimize the risk of exploitation. As a temporary workaround, consider implementing additional validation on SQL statements to prevent specially crafted inputs from causing the server to terminate abnormally. At the moment, there is no information about a newer version that contains a fix for this vulnerability.