CVE-2015-1922

medium

Description

The Data Movement implementation in IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5, and 10.5 through FP5 on Linux, UNIX, and Windows allows remote authenticated users to bypass intended access restrictions and delete table rows via unspecified vectors.

References

http://www.securitytracker.com/id/1032879

http://www.securityfocus.com/bid/75911

http://www-01.ibm.com/support/docview.wss?uid=swg21959650

http://www-01.ibm.com/support/docview.wss?uid=swg1IT08526

http://www-01.ibm.com/support/docview.wss?uid=swg1IT08525

http://www-01.ibm.com/support/docview.wss?uid=swg1IT08524

http://www-01.ibm.com/support/docview.wss?uid=swg1IT08523

Details

Source: Mitre, NVD

Published: 2015-07-20

Updated: 2018-09-26

Risk Information

CVSS v2

Base Score: 3.5

Vector: CVSS2#AV:N/AC:M/Au:S/C:N/I:P/A:N

Severity: Low

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Severity: Medium