CVE-2013-4033

high

Description

IBM DB2 and DB2 Connect 9.7 through FP8, 9.8 through FP5, 10.1 through FP2, and 10.5 through FP1 allow remote authenticated users to execute DML statements by leveraging EXPLAIN authority.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/86093

http://www-01.ibm.com/support/docview.wss?uid=swg21646809

http://www-01.ibm.com/support/docview.wss?uid=swg1IC94758

http://www-01.ibm.com/support/docview.wss?uid=swg1IC94757

http://www-01.ibm.com/support/docview.wss?uid=swg1IC94756

http://www-01.ibm.com/support/docview.wss?uid=swg1IC94523

Details

Source: Mitre, NVD

Published: 2013-08-28

Updated: 2025-04-11

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:N/AC:H/Au:S/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00952

Detections

Analytics