CVE-2025-27904
MEDIUMIBM DB2 Recovery Expert 5.5 IF002 - CSRF
Title source: llmDescription
IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 IBM Db2 Recovery Expert for Linux, UNIX and Windows is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
Scores
CVSS v3
6.5
EPSS
0.0001
EPSS Percentile
2.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Classification
CWE
CWE-352
Status
published
Affected Products (3)
ibm/db2_recovery_expert
ibm/db2_recovery_expert
ibm/db2_recovery_expert
Timeline
Published
Feb 17, 2026
Tracked Since
Feb 18, 2026