Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
IBM i information disclosure
Vulnerability Description
IBM Db2 for i 7.2, 7.3, 7.4, and 7.5 supplies user defined table function is vulnerable to user enumeration by a local authenticated attacker, without having authority to the related *USRPRF objects. This can be used by a malicious actor to gather information about users that can be targeted in further attacks. IBM X-Force ID: 287174.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
响应差异性信息暴露
Vulnerability Title
IBM Db2 安全漏洞
Vulnerability Description
IBM Db2是美国国际商业机器(IBM)公司的一套关系型数据库管理系统。该系统的执行环境主要有UNIX、Linux、IBMi、z/OS以及Windows服务器版本。 IBM Db2 for i 7.2、7.3、7.4 和 7.5版本存在安全漏洞,该漏洞源于 user defined table 函数容易受到本地经过身份验证的攻击者的用户枚举,攻击者利用该漏洞可以收集有关用户的信息。
CVSS Information
N/A
Vulnerability Type
N/A