Skip to main content

Db2 On Cloud Pak For Data And Db2 Warehouse On Cloud Pak For Data

3 CVEs product

Monthly

CVE-2023-33854 MEDIUM PATCH This Month

IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8, 5.0, 5.1, 5.2, and 5.3 could allow an authenticated user to bypass client-side validation and manipulate input data. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.

IBM Authentication Bypass Db2 On Cloud Pak For Data And Db2 Warehouse On Cloud Pak For Data
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2025-2669 MEDIUM PATCH This Month

Improper token validation in IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data allows a privileged user to exceed their authorized scope, performing operations and accessing sensitive information beyond their granted permissions. Affected versions span 4.8 through 5.3, covering both the standard and warehouse variants of the product. No public exploit identified at time of analysis, and no active exploitation confirmed via CISA KEV, though the high integrity impact (I:H) signals meaningful risk for multi-tenant or regulated deployments.

IBM Information Disclosure Db2 On Cloud Pak For Data And Db2 Warehouse On Cloud Pak For Data
NVD VulDB
CVSS 3.1
6.5
EPSS
0.2%
CVE-2024-54178 MEDIUM PATCH This Month

IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8,5.0,5.1,5.2,5.3 could allow an authenticated user to cause a denial of service when creating new databases due to. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

IBM Denial Of Service Db2 On Cloud Pak For Data And Db2 Warehouse On Cloud Pak For Data
NVD
CVSS 3.1
6.5
EPSS
0.2%
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8, 5.0, 5.1, 5.2, and 5.3 could allow an authenticated user to bypass client-side validation and manipulate input data. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.

IBM Authentication Bypass Db2 On Cloud Pak For Data And Db2 Warehouse On Cloud Pak For Data
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Improper token validation in IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data allows a privileged user to exceed their authorized scope, performing operations and accessing sensitive information beyond their granted permissions. Affected versions span 4.8 through 5.3, covering both the standard and warehouse variants of the product. No public exploit identified at time of analysis, and no active exploitation confirmed via CISA KEV, though the high integrity impact (I:H) signals meaningful risk for multi-tenant or regulated deployments.

IBM Information Disclosure Db2 On Cloud Pak For Data And Db2 Warehouse On Cloud Pak For Data
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8,5.0,5.1,5.2,5.3 could allow an authenticated user to cause a denial of service when creating new databases due to. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

IBM Denial Of Service Db2 On Cloud Pak For Data And Db2 Warehouse On Cloud Pak For Data
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy