CVE-2010-3197

medium

Description

IBM DB2 9.7 before FP2 does not perform the expected access control on the monitor administrative views in the SYSIBMADM schema, which allows remote attackers to obtain sensitive information via unspecified vectors.

References

http://www-01.ibm.com/support/docview.wss?uid=swg1IC67819

http://www-01.ibm.com/support/docview.wss?uid=swg21432298

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14430

Details

Source: MITRE

Published: 2010-08-31

Updated: 2017-09-19

Type: CWE-264

Risk Information

CVSS v2

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM