IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows (includes DB2 Connect Server) stores potentially sensitive information in log files that could be read by a local user.
Weakness
The product writes sensitive information to a log file.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Db2 | Ibm | 11.5.0 (including) | 11.5.9 (including) |
| Db2 | Ibm | 12.1.0 (including) | 12.1.4 (including) |