CVE-2015-1883

medium

Description

IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5, and 10.5 through FP5 on Linux, UNIX, and Windows allows remote authenticated users to read certain administrative files via crafted use of an automated-maintenance policy stored procedure.

References

http://www.securitytracker.com/id/1032881

http://www.securityfocus.com/bid/75946

http://www-01.ibm.com/support/docview.wss?uid=swg21698308

http://www-01.ibm.com/support/docview.wss?uid=swg1IT08086

http://www-01.ibm.com/support/docview.wss?uid=swg1IT08085

http://www-01.ibm.com/support/docview.wss?uid=swg1IT08080

http://www-01.ibm.com/support/docview.wss?uid=swg1IT08075

Details

Source: Mitre, NVD

Published: 2015-07-20

Updated: 2025-04-12

Risk Information

CVSS v2

Base Score: 4

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Severity: Medium

EPSS

EPSS: 0.00275