PT-2025-45485 · Ibm · Ibm Db2
Published
2025-11-07
·
Updated
2025-11-19
·
CVE-2025-33012
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
IBM Db2 versions 10.5.0 through 10.5.11
IBM Db2 versions 11.1.0 through 11.1.4.7
IBM Db2 versions 11.5.0 through 11.5.9
IBM Db2 versions 12.1.0 through 12.1.3
Description
The software contains a flaw that may allow an authenticated user to regain access after account lockout, specifically due to password use after the expiration date.
Recommendations
IBM Db2 versions 10.5.0 through 10.5.11 should be updated.
IBM Db2 versions 11.1.0 through 11.1.4.7 should be updated.
IBM Db2 versions 11.5.0 through 11.5.9 should be updated.
IBM Db2 versions 12.1.0 through 12.1.3 should be updated.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Db2