PT-2024-27630 · Ibm · Ibm Db2
Published
2024-08-14
·
Updated
2024-08-23
·
CVE-2024-37529
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) versions 11.1 and 11.5
Description
The issue allows an authenticated user to cause a denial of service with a specially crafted query due to improper memory allocation.
Recommendations
For versions 11.1 and 11.5, update to a version that includes the fix for this issue to prevent denial of service attacks.
As a temporary workaround, consider restricting access to crafted queries until a patch is available.
Avoid using specially crafted queries in the affected IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) versions until the issue is resolved.
Fix
DoS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Db2