Vulnerability CVE-2017-1520 - CERT Civis.Net

Vulnerability Name:

CVE-2017-1520 (CCN-129830)

Assigned:

2016-11-30

Published:

2017-09-08

Updated:

2017-09-15

Summary:

IBM DB2 9.7, 10,1, 10.5, and 11.1 is vulnerable to an unauthorized command that allows the database to be activated when authentication type is CLIENT. IBM X-Force ID: 129830.

CVSS v3 Severity:

3.7 Low (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)
3.2 Low (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): Low Availibility (A): None

3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)
3.2 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

2.6 Low (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

Vulnerability Type:

Vulnerability Consequences:

Configuration

References:

Source: MITRE
Type: CNA
CVE-2017-1520

Source: CCN
Type: IBM Security Bulletin 2007186 (DB2 for Linux, UNIX and Windows)
IBM Db2 is vulnerable to an unauthorized command that allows the database to be activated when authentication type is CLIENT (CVE-2017-1520)

Source: CONFIRM
Type: Patch, Vendor Advisory
http://www.ibm.com/support/docview.wss?uid=swg22007186

Source: CCN
Type: IBM Security Bulletin 2008363 (BigInsights)
BigInsights is affected by multiple vulnerabilities in Db2

Source: CCN
Type: IBM Security Bulletin 2008900 (Monitoring)
Security vulnerabilities have been identified in DB2 which is shipped with IBM Performance Management products

Source: BID
Type: Third Party Advisory, VDB Entry
100684

Source: CCN
Type: BID-100684
IBM DB2 CVE-2017-1520 Security Bypass Vulnerability

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1039308

Source: MISC
Type: Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/129830

Source: XF
Type: UNKNOWN
ibm-db2-cve20171520-improper-access(129830)

Vulnerable Configuration:

Configuration 1:

cpe:/a:ibm:db2:9.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2:9.7.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2:9.7.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2:9.7.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2:9.7.0.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2:9.7.0.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2:9.7.0.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2:9.7.0.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2:9.7.0.8:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2:9.7.0.9:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2:9.7.0.9:a:*:*:*:*:*:*

OR cpe:/a:ibm:db2:9.7.0.10:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2:9.7.0.11:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2:10.1:*:*:*:*:-:*:*

OR cpe:/a:ibm:db2:10.1.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2:10.1.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2:10.1.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2:10.1.0.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2:10.1.0.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2:10.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2:10.5.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2:10.5.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2:10.5.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2:10.5.0.3:a:*:*:*:*:*:*

OR cpe:/a:ibm:db2:10.5.0.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2:10.5.0.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2:10.5.0.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2:10.5.0.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2:11.1.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2_connect:9.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2_connect:9.7.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2_connect:9.7.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2_connect:9.7.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2_connect:9.7.0.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2_connect:9.7.0.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2_connect:9.7.0.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2_connect:9.7.0.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2_connect:9.7.0.8:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2_connect:9.7.0.9:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2_connect:9.7.0.10:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2_connect:9.7.0.11:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2_connect:10.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2_connect:10.1.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2_connect:10.1.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2_connect:10.1.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2_connect:10.1.0.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2_connect:10.1.0.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2_connect:10.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2_connect:10.5.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2_connect:10.5.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2_connect:10.5.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2_connect:10.5.0.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2_connect:10.5.0.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2_connect:10.5.0.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2_connect:10.5.0.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2_connect:11.1.0.0:*:*:*:*:*:*:*

AND

cpe:/o:linux:linux_kernel:-:*:*:*:*:*:*:*

OR cpe:/o:microsoft:windows:-:*:*:*:*:*:*:*

Denotes that component is vulnerable