fkie_cve-2014-8901
Vulnerability from fkie_nvd
Published
2014-12-18 16:59
Modified
2025-04-12 10:46
Severity ?
Summary
IBM DB2 9.5 through FP10, 9.7 through FP10, 9.8 through FP5, 10.1 through FP4, and 10.5 before FP5 allows remote authenticated users to cause a denial of service (CPU consumption) via a crafted XML query.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ibm:db2:9.5:*:*:*:*:*:*:*", "matchCriteriaId": "11ABF7CC-2FA5-4F2D-901A-2D0EF5B8E717", "vulnerable": true }, { "criteria": "cpe:2.3:a:ibm:db2:9.7:*:*:*:*:*:*:*", "matchCriteriaId": "CE1C4DE6-EB32-4A31-9FAA-D8DA31D8CF05", "vulnerable": true }, { "criteria": "cpe:2.3:a:ibm:db2:9.8:*:*:*:*:*:*:*", "matchCriteriaId": "D72D43DB-9A92-4E12-853B-F5FC9421D5EA", "vulnerable": true }, { "criteria": "cpe:2.3:a:ibm:db2:10.1:*:*:*:*:*:*:*", "matchCriteriaId": "2952EB24-A015-4EC7-85E3-88588D0AB15B", "vulnerable": true }, { "criteria": "cpe:2.3:a:ibm:db2:10.5:*:*:*:*:*:*:*", "matchCriteriaId": "6E232F83-BE4C-4B3E-A5B1-53F9D95F0368", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "IBM DB2 9.5 through FP10, 9.7 through FP10, 9.8 through FP5, 10.1 through FP4, and 10.5 before FP5 allows remote authenticated users to cause a denial of service (CPU consumption) via a crafted XML query." }, { "lang": "es", "value": "IBM DB2 9.5 hasta FP10, 9.7 hasta FP10, 9.8 hasta FP5, 10.1 hasta FP4 y 10.5 anterior a FP5 permiten a usuarios remotos autenticados provocar una denegaci\u00f3n de servicio (consumo de CPU) a trav\u00e9s de una petici\u00f3n XML manipulada." } ], "id": "CVE-2014-8901", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2014-12-18T16:59:18.770", "references": [ { "source": "psirt@us.ibm.com", "tags": [ "Vendor Advisory" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT05933" }, { "source": "psirt@us.ibm.com", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT05936" }, { "source": "psirt@us.ibm.com", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT05937" }, { "source": "psirt@us.ibm.com", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT05938" }, { "source": "psirt@us.ibm.com", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT05939" }, { "source": "psirt@us.ibm.com", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21692358" }, { "source": "psirt@us.ibm.com", "url": "http://www.securityfocus.com/bid/71734" }, { "source": "psirt@us.ibm.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99110" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT05933" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT05936" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT05937" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT05938" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT05939" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21692358" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/71734" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99110" } ], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-399" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…