Description
IBM Db2 Big SQL on Cloud Pak for Data versions 7.6 (on CP4D 4.8), 7.7 (on CP4D 5.0), and 7.8 (on CP4D 5.1) do not properly limit the allocation of system resources. An authenticated user with internal knowledge of the environment could exploit this weakness to cause a denial of service.
References (1)
Core 1
Core References
Various Sources vendor-advisory
patch
https://www.ibm.com/support/pages/node/7257907
Scores
CVSS v3
5.3
EPSS
0.0002
EPSS Percentile
5.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-770
Status
published
Products (3)
IBM/Db2 Big SQL on Cloud Pak for Data
IBM Db2 Big SQL 7.6 on Cloud Pak for Data 4.8 - 2.1.0
IBM/Db2 Big SQL on Cloud Pak for Data
IBM Db2 Big SQL 7.7 on Cloud Pak for Data 5.0
IBM/Db2 Big SQL on Cloud Pak for Data
IBM Db2 Big SQL 7.8 on Cloud Pak for Data 5.1
Published
Feb 04, 2026
Tracked Since
Feb 18, 2026