CVE-2015-1883
IBM DB2 9.7-9.7 FP10, 9.8-9.8 FP5, 10.1 < FP5, 10.5-10.5 FP5 - Sensitive Information Exposure via Stored Procedure
Title source: llmDescription
IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5, and 10.5 through FP5 on Linux, UNIX, and Windows allows remote authenticated users to read certain administrative files via crafted use of an automated-maintenance policy stored procedure.
References (7)
Core 7
Core References
Patch, Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21698308
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/75946
Various Sources vendor-advisory
x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1IT08085
Vendor Advisory vendor-advisory
x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1IT08080
Various Sources vendor-advisory
x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1IT08086
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1032881
Various Sources vendor-advisory
x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1IT08075
Scores
EPSS
0.0190
EPSS Percentile
77.2%
Details
CWE
CWE-200
Status
published
Products (4)
ibm/db2
9.7 (5 CPE variants)
ibm/db2
9.8 (5 CPE variants)
ibm/db2
10.1 (5 CPE variants)
ibm/db2
10.5 (5 CPE variants)
Published
Jul 20, 2015
Tracked Since
Feb 18, 2026