Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attacker needs local access and low privileges to influence the JDBC URL (AV:L, PR:L); injection is straightforward (AC:L) and code execution yields full C/I/A impact.
Primary rating from Vendor (ibm).
CVSS VectorVendor: ibm
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to remote code execution when jdbc url is under user control.
AnalysisAI
Code injection leading to remote code execution affects IBM Db2 versions 11.5.0 through 11.5.9 and 12.1.0 through 12.1.4 when an attacker can influence the JDBC connection URL passed to the driver. An attacker who controls the JDBC URL (typically via an application that builds connection strings from user input) can inject malicious properties or references that cause arbitrary code to execute in the context of the connecting application/driver host. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires that the attacker control, or be able to influence, the JDBC connection URL that is handed to the IBM Db2 driver - for example an application, admin console, or configuration path that builds connection strings from user-supplied values. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The vendor CVSS 3.1 score is 7.8 (High) with vector AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H - local attack vector, low complexity, low privileges required, no user interaction, and full confidentiality/integrity/availability impact. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An application allows a user or lower-privileged operator to influence part of a Db2 JDBC connection string (for example a data-source parameter or a 'test connection' feature). The attacker supplies a crafted JDBC URL containing malicious properties that the Db2 driver resolves at connect time, causing arbitrary code to execute with the privileges of the application process. … |
| Remediation | Patch available per vendor advisory - apply the IBM-provided fix pack or iFix documented at https://www.ibm.com/support/pages/node/7279479 for the appropriate Db2 line (11.5.x or 12.1.x); the exact fixed version was not enumerated in the provided data, so consult that advisory for the precise level. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Identify all Db2 deployments running versions 11.5.0-11.5.9 or 12.1.0-12.1.4 and audit which applications construct JDBC connection strings from external input, application configuration files, or admin panels. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Stack-based buffer overflow in the SQL/PSM (aka SQL Persistent Stored Module) Stored Procedure (SP) infrastructure in IB
IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) is vulnerable to a stack-bas
Stack-based buffer overflow in IBM DB2 9.7 through FP9a, 9.8 through FP5, 10.1 through FP4, and 10.5 before FP4 on Linux
IBM DB2 9.5 uses world-writable permissions for nodes.reg, which has unspecified impact and attack vectors. Rated critic
Remote code execution in IBM Db2 11.5.0-11.5.9 and 12.1.0-12.1.4 lets unauthenticated network attackers run arbitrary co
Stack-based buffer overflow in the Java Stored Procedure infrastructure in IBM DB2 9.1 before FP12, 9.5 through FP9, 9.7
Directory traversal vulnerability in the UTL_FILE module in IBM DB2 and DB2 Connect 10.1 before FP1 on Windows allows re
IBM GSKit (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1) duplicates the PRNG state across fork() system
Integer signedness error in the db2dasrrm process in the DB2 Administration Server (DAS) in IBM DB2 9.1 through FP11, 9.
The Stored Procedure infrastructure in IBM DB2 9.5, 9.7 before FP9a, 10.1 before FP3a, and 10.5 before FP3a on Windows a
The scalar-function implementation in IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5, and 10.5 through FP5 o
IBM Db2 JDBC Driver for Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 could allow a remote authenticated attacker
Same weakness CWE-94 – Code Injection
View allSame technique Code Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-45234
GHSA-wg8r-xcfc-f662