CVE-2015-1922
IBM DB2 9.7-10.5 - Authenticated Table Row Deletion via Data Movement
Title source: llmDescription
The Data Movement implementation in IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5, and 10.5 through FP5 on Linux, UNIX, and Windows allows remote authenticated users to bypass intended access restrictions and delete table rows via unspecified vectors.
References (7)
Core 7
Core References
Various Sources x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21959650
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/75911
Various Sources vendor-advisory
x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1IT08524
Patch, Vendor Advisory vendor-advisory
x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1IT08523
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1032879
Vendor Advisory vendor-advisory
x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1IT08525
Various Sources vendor-advisory
x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1IT08526
Scores
EPSS
0.0175
EPSS Percentile
75.1%
Details
CWE
CWE-284
Status
published
Products (4)
ibm/db2
9.7 (5 CPE variants)
ibm/db2
9.8 (5 CPE variants)
ibm/db2
10.1 (5 CPE variants)
ibm/db2
10.5 (5 CPE variants)
Published
Jul 20, 2015
Tracked Since
Feb 18, 2026