Description
IBM Db2 Recovery Expert for Linux, UNIX and Windows 5.5 IF 2 could allow an attacker to modify or corrupt data due to an insecure mechanism used for verifying the integrity of the data during transmission.
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
patch
https://www.ibm.com/support/pages/node/7266272
Scores
CVSS v3
5.3
EPSS
0.0001
EPSS Percentile
0.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-353
Status
published
Products (2)
IBM/Db2 Recovery Expert
5.5 IF 2
ibm/db2_recovery_expert
5.5.0 interim_fix_002 (3 CPE variants)
Published
Mar 17, 2026
Tracked Since
Mar 18, 2026