PT-2026-20235 · Ibm · Ibm Db2 Recovery Expert For Linux+3

Published

2026-02-17

Updated

2026-02-26

CVE-2025-27903

CVSS v3.1

5.9

Medium

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions IBM DB2 Recovery Expert for LUW version 5.5 Interim Fix 002

Description IBM DB2 Recovery Expert for Linux, UNIX, and Windows transmits data over a cleartext communication channel. This could allow an attacker to intercept sensitive information using man-in-the-middle techniques.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Cleartext Transmission of Sensitive Information

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-319

Related Identifiers

CVE-2025-27903

Affected Products

Db2 Recovery Expert For Luw

Ibm Db2 Recovery Expert For Linux

Ibm Db2 Recovery Expert For Unix

Ibm Db2 Recovery Expert For Windows

PT-2026-20235 · Ibm · Ibm Db2 Recovery Expert For Linux+3

CVE-2025-27903

Weakness Enumeration

Related Identifiers

Affected Products

References · 6