CVE-2023-29258

Name of the Vulnerable Software and Affected Versions IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) versions 11.1 through 11.5

Description The issue exists due to insufficient input validation in the system, allowing a remote attacker to cause a denial of service through a specially crafted query. This can be achieved by exploiting a federated query on specific federation objects.

Recommendations For versions 11.1 through 11.5, apply the necessary patch or update to fix the denial of service issue. As a temporary workaround, consider restricting access to federated queries on specific federation objects until a patch is available.