IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to an information disclosure in some scenarios due to unauthorized access caused by improper privilege management when CREATE OR REPLACE command is used. IBM X-Force ID: 225979.
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Db2 | Ibm | 9.7.0.0 (including) | 9.7.0.0 (including) |
Db2 | Ibm | 10.1 (including) | 10.1 (including) |
Db2 | Ibm | 10.5 (including) | 10.5 (including) |
Db2 | Ibm | 11.1 (including) | 11.1 (including) |
Db2 | Ibm | 11.5 (including) | 11.5 (including) |