CVE-2015-1922

IBM DB2 9.7-10.5 - Authenticated Table Row Deletion via Data Movement

Title source: llm
STIX 2.1

Description

The Data Movement implementation in IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5, and 10.5 through FP5 on Linux, UNIX, and Windows allows remote authenticated users to bypass intended access restrictions and delete table rows via unspecified vectors.

References (7)

Core 7
Core References
Various Sources x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21959650
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/75911
Various Sources vendor-advisory x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1IT08524
Patch, Vendor Advisory vendor-advisory x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1IT08523
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1032879
Vendor Advisory vendor-advisory x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1IT08525
Various Sources vendor-advisory x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1IT08526

Scores

EPSS 0.0175
EPSS Percentile 75.1%

Details

CWE
CWE-284
Status published
Products (4)
ibm/db2 9.7 (5 CPE variants)
ibm/db2 9.8 (5 CPE variants)
ibm/db2 10.1 (5 CPE variants)
ibm/db2 10.5 (5 CPE variants)
Published Jul 20, 2015
Tracked Since Feb 18, 2026