Db2 On Cloud Pak For Data And Db2 Warehouse On Cloud Pak For Data
Monthly
IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8, 5.0, 5.1, 5.2, and 5.3 could allow an authenticated user to bypass client-side validation and manipulate input data. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.
Improper token validation in IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data allows a privileged user to exceed their authorized scope, performing operations and accessing sensitive information beyond their granted permissions. Affected versions span 4.8 through 5.3, covering both the standard and warehouse variants of the product. No public exploit identified at time of analysis, and no active exploitation confirmed via CISA KEV, though the high integrity impact (I:H) signals meaningful risk for multi-tenant or regulated deployments.
IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8,5.0,5.1,5.2,5.3 could allow an authenticated user to cause a denial of service when creating new databases due to. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.
IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8, 5.0, 5.1, 5.2, and 5.3 could allow an authenticated user to bypass client-side validation and manipulate input data. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.
Improper token validation in IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data allows a privileged user to exceed their authorized scope, performing operations and accessing sensitive information beyond their granted permissions. Affected versions span 4.8 through 5.3, covering both the standard and warehouse variants of the product. No public exploit identified at time of analysis, and no active exploitation confirmed via CISA KEV, though the high integrity impact (I:H) signals meaningful risk for multi-tenant or regulated deployments.
IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8,5.0,5.1,5.2,5.3 could allow an authenticated user to cause a denial of service when creating new databases due to. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.