CVE-2022-22390
HIGHIBM Db2 9.7, 10.1, 10.5, 11.1, 11.5 - Information Disclosure via Table Function
Title source: llmDescription
IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 may be vulnerable to an information disclosure caused by improper privilege management when table function is used. IBM X-Force ID: 221973.
References (3)
Core 3
Core References
Vendor Advisory x_refsource_confirm
https://www.ibm.com/support/pages/node/6597993
VDB Entry, Vendor Advisory vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/221973
Third Party Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20220729-0007/
Scores
CVSS v3
7.5
EPSS
0.0027
EPSS Percentile
50.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-269
Status
published
Products (5)
ibm/db2
9.7
ibm/db2
10.1
ibm/db2
10.5
ibm/db2
11.1
ibm/db2
11.5
Published
Jun 24, 2022
Tracked Since
Feb 18, 2026