CVE-2008-6820

Severity Score

10.0

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The db2fmp process in IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP2 on Windows runs with "OS privilege," which has unknown impact and attack vectors, a different vulnerability than CVE-2008-3856.

El proceso db2fmp en IBM DB2 v8 anterior a FP17, v9.1 anterior a FP5 y v9.5 anterior a FP2 sobre Windows, se ejecuta con "privilegios OS" lo que tiene unos vectores de ataque e impacto desconocidos. Vulnerabilidad distinta de CVE-2008-3856.

*Credits: N/A

CVSS Scores

NISTv2 10.0

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2009-06-03 CVE Reserved
2009-06-03 CVE Published
2023-12-02 EPSS Updated
2024-08-07 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-16: Configuration

CAPEC

References (7)

URL	Tag	Source
http://osvdb.org/48149	Vdb Entry
http://www.securityfocus.com/bid/31058	Vdb Entry

URL	Date	SRC

URL	Date	SRC
ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT	2009-08-12
http://www-01.ibm.com/support/docview.wss?uid=swg1JR30026	2009-08-12
http://www-01.ibm.com/support/docview.wss?uid=swg1JR30227	2009-08-12
http://www-01.ibm.com/support/docview.wss?uid=swg1JR30228	2009-08-12
http://www-01.ibm.com/support/docview.wss?uid=swg21318189	2009-08-12

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Ibm Search vendor "Ibm"	Db2 Search vendor "Ibm" for product "Db2"	8.0 Search vendor "Ibm" for product "Db2" and version "8.0"	fp1	Affected	in	Microsoft Search vendor "Microsoft"	Windows Search vendor "Microsoft" for product "Windows"	*	-	Safe
Ibm Search vendor "Ibm"	Db2 Search vendor "Ibm" for product "Db2"	8.0 Search vendor "Ibm" for product "Db2" and version "8.0"	fp10	Affected	in	Microsoft Search vendor "Microsoft"	Windows Search vendor "Microsoft" for product "Windows"	*	-	Safe
Ibm Search vendor "Ibm"	Db2 Search vendor "Ibm" for product "Db2"	8.0 Search vendor "Ibm" for product "Db2" and version "8.0"	fp11	Affected	in	Microsoft Search vendor "Microsoft"	Windows Search vendor "Microsoft" for product "Windows"	*	-	Safe
Ibm Search vendor "Ibm"	Db2 Search vendor "Ibm" for product "Db2"	8.0 Search vendor "Ibm" for product "Db2" and version "8.0"	fp12	Affected	in	Microsoft Search vendor "Microsoft"	Windows Search vendor "Microsoft" for product "Windows"	*	-	Safe
Ibm Search vendor "Ibm"	Db2 Search vendor "Ibm" for product "Db2"	8.0 Search vendor "Ibm" for product "Db2" and version "8.0"	fp13	Affected	in	Microsoft Search vendor "Microsoft"	Windows Search vendor "Microsoft" for product "Windows"	*	-	Safe
Ibm Search vendor "Ibm"	Db2 Search vendor "Ibm" for product "Db2"	8.0 Search vendor "Ibm" for product "Db2" and version "8.0"	fp14	Affected	in	Microsoft Search vendor "Microsoft"	Windows Search vendor "Microsoft" for product "Windows"	*	-	Safe
Ibm Search vendor "Ibm"	Db2 Search vendor "Ibm" for product "Db2"	8.0 Search vendor "Ibm" for product "Db2" and version "8.0"	fp15	Affected	in	Microsoft Search vendor "Microsoft"	Windows Search vendor "Microsoft" for product "Windows"	*	-	Safe
Ibm Search vendor "Ibm"	Db2 Search vendor "Ibm" for product "Db2"	8.0 Search vendor "Ibm" for product "Db2" and version "8.0"	fp16	Affected	in	Microsoft Search vendor "Microsoft"	Windows Search vendor "Microsoft" for product "Windows"	*	-	Safe
Ibm Search vendor "Ibm"	Db2 Search vendor "Ibm" for product "Db2"	9.1 Search vendor "Ibm" for product "Db2" and version "9.1"	fp1	Affected	in	Microsoft Search vendor "Microsoft"	Windows Search vendor "Microsoft" for product "Windows"	*	-	Safe
Ibm Search vendor "Ibm"	Db2 Search vendor "Ibm" for product "Db2"	9.1 Search vendor "Ibm" for product "Db2" and version "9.1"	fp2	Affected	in	Microsoft Search vendor "Microsoft"	Windows Search vendor "Microsoft" for product "Windows"	*	-	Safe
Ibm Search vendor "Ibm"	Db2 Search vendor "Ibm" for product "Db2"	9.1 Search vendor "Ibm" for product "Db2" and version "9.1"	fp3	Affected	in	Microsoft Search vendor "Microsoft"	Windows Search vendor "Microsoft" for product "Windows"	*	-	Safe
Ibm Search vendor "Ibm"	Db2 Search vendor "Ibm" for product "Db2"	9.1 Search vendor "Ibm" for product "Db2" and version "9.1"	fp3a	Affected	in	Microsoft Search vendor "Microsoft"	Windows Search vendor "Microsoft" for product "Windows"	*	-	Safe
Ibm Search vendor "Ibm"	Db2 Search vendor "Ibm" for product "Db2"	9.1 Search vendor "Ibm" for product "Db2" and version "9.1"	fp4	Affected	in	Microsoft Search vendor "Microsoft"	Windows Search vendor "Microsoft" for product "Windows"	*	-	Safe
Ibm Search vendor "Ibm"	Db2 Search vendor "Ibm" for product "Db2"	9.1 Search vendor "Ibm" for product "Db2" and version "9.1"	fp4a	Affected	in	Microsoft Search vendor "Microsoft"	Windows Search vendor "Microsoft" for product "Windows"	*	-	Safe
Ibm Search vendor "Ibm"	Db2 Search vendor "Ibm" for product "Db2"	9.5 Search vendor "Ibm" for product "Db2" and version "9.5"	fp1	Affected	in	Microsoft Search vendor "Microsoft"	Windows Search vendor "Microsoft" for product "Windows"	*	-	Safe