CVE-2015-1883

MEDIUM

Description

IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5, and 10.5 through FP5 on Linux, UNIX, and Windows allows remote authenticated users to read certain administrative files via crafted use of an automated-maintenance policy stored procedure.

References

http://www-01.ibm.com/support/docview.wss?uid=swg1IT08075

http://www-01.ibm.com/support/docview.wss?uid=swg1IT08080

http://www-01.ibm.com/support/docview.wss?uid=swg1IT08085

http://www-01.ibm.com/support/docview.wss?uid=swg1IT08086

http://www-01.ibm.com/support/docview.wss?uid=swg21698308

http://www.securityfocus.com/bid/75946

http://www.securitytracker.com/id/1032881

Details

Source: MITRE

Published: 2015-07-20

Updated: 2017-09-22

Type: CWE-200

Risk Information

CVSS v2.0

Base Score: 4

Vector: (AV:N/AC:L/Au:S/C:P/I:N/A:N)

Impact Score: 2.9

Exploitability Score: 8

Severity: MEDIUM