CVE-2010-3739
Severity Score
6.4
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The audit facility in the Security component in IBM DB2 UDB 9.5 before FP6a uses instance-level audit settings to capture connection (aka CONNECT and AUTHENTICATION) events in certain circumstances in which database-level audit settings were intended, which might make it easier for remote attackers to connect without discovery.
La característica de auditoría en el componente de seguridad de IBM DB2 UDB v9.5 antes de FP6a utiliza la configuración de auditoría a nivel de instancia para capturar los eventos de conexión (también conocidos como CONNECT y AUTHENTICATION) en determinadas circunstancias, lo que podría hacer más fácil a atacantes remotos a la hora de conectarse sin ser descubiertos.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2010-10-05 CVE Reserved
- 2010-10-05 CVE Published
- 2024-09-16 CVE Updated
- 2024-09-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-287: Improper Authentication
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT | X_refsource_confirm |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www-01.ibm.com/support/docview.wss?uid=swg1JR34218 | 2010-10-06 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Ibm Search vendor "Ibm" | Db2 Universal Database Search vendor "Ibm" for product "Db2 Universal Database" | <= 9.5 Search vendor "Ibm" for product "Db2 Universal Database" and version " <= 9.5" | fp6 |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Db2 Universal Database Search vendor "Ibm" for product "Db2 Universal Database" | 9.5 Search vendor "Ibm" for product "Db2 Universal Database" and version "9.5" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Db2 Universal Database Search vendor "Ibm" for product "Db2 Universal Database" | 9.5 Search vendor "Ibm" for product "Db2 Universal Database" and version "9.5" | fp1 |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Db2 Universal Database Search vendor "Ibm" for product "Db2 Universal Database" | 9.5 Search vendor "Ibm" for product "Db2 Universal Database" and version "9.5" | fp2 |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Db2 Universal Database Search vendor "Ibm" for product "Db2 Universal Database" | 9.5 Search vendor "Ibm" for product "Db2 Universal Database" and version "9.5" | fp2a |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Db2 Universal Database Search vendor "Ibm" for product "Db2 Universal Database" | 9.5 Search vendor "Ibm" for product "Db2 Universal Database" and version "9.5" | fp3 |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Db2 Universal Database Search vendor "Ibm" for product "Db2 Universal Database" | 9.5 Search vendor "Ibm" for product "Db2 Universal Database" and version "9.5" | fp3a |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Db2 Universal Database Search vendor "Ibm" for product "Db2 Universal Database" | 9.5 Search vendor "Ibm" for product "Db2 Universal Database" and version "9.5" | fp3b |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Db2 Universal Database Search vendor "Ibm" for product "Db2 Universal Database" | 9.5 Search vendor "Ibm" for product "Db2 Universal Database" and version "9.5" | fp4 |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Db2 Universal Database Search vendor "Ibm" for product "Db2 Universal Database" | 9.5 Search vendor "Ibm" for product "Db2 Universal Database" and version "9.5" | fp4a |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Db2 Universal Database Search vendor "Ibm" for product "Db2 Universal Database" | 9.5 Search vendor "Ibm" for product "Db2 Universal Database" and version "9.5" | fp5 |
Affected
| ||||||