| Vulnerability Name: | CVE-2014-6097 (CCN-95945) | ||||||||
| Assigned: | 2014-11-07 | ||||||||
| Published: | 2014-11-07 | ||||||||
| Updated: | 2017-09-08 | ||||||||
| Summary: | IBM DB2 9.7 before FP10 and 9.8 through FP5 on Linux, UNIX, and Windows allows remote authenticated users to cause a denial of service (daemon crash) via a crafted ALTER TABLE statement. | ||||||||
| CVSS v3 Severity: | 4.8 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H)
| ||||||||
| CVSS v2 Severity: | 4.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P) 3.0 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P/E:U/RL:OF/RC:C)
4.7 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:S/C:N/I:N/A:C/E:U/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-20 | ||||||||
| Vulnerability Consequences: | Denial of Service | ||||||||
| References: | Source: MITRE Type: CNA CVE-2014-6097 Source: AIXAPAR Type: Vendor Advisory IT03786 Source: AIXAPAR Type: UNKNOWN IT04034 Source: CONFIRM Type: Patch, Vendor Advisory http://www-01.ibm.com/support/docview.wss?uid=swg21684812 Source: CCN Type: IBM Security Bulletin 1692238 IBM InfoSphere Balanced Warehouse C3000, C4000, IBM Smart Analytics System 1050, 2050, 5600, 5710, 7600, 7700 and 7710 are affected by an IBM DB2 LUW ALTER TABLE statement vulnerability (CVE-2014-6097) Source: CCN Type: BID-70983 Multiple IBM DB2 Products CVE-2014-6097 Remote Denial of Service Vulnerability Source: XF Type: UNKNOWN ibm-db2-cve20146097-dos(95945) Source: XF Type: UNKNOWN ibm-db2-cve20146097-dos(95945) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||