Vulnerability Description
IBM DB2 and DB2 Connect 9.7 through FP8, 9.8 through FP5, 10.1 through FP2, and 10.5 through FP1 allow remote authenticated users to execute DML statements by leveraging EXPLAIN authority.
CVSS Score
4.6
MEDIUM
AV:N/AC:H/Au:S/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Db2 | 9.7 |
| Ibm | Db2 Connect | 9.5 |
Related Weaknesses (CWE)
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC94523
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC94756
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC94757
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC94758
- http://www-01.ibm.com/support/docview.wss?uid=swg21646809Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/86093
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC94523
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC94756
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC94757
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC94758
- http://www-01.ibm.com/support/docview.wss?uid=swg21646809Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/86093
FAQ
What is CVE-2013-4033?
CVE-2013-4033 is a vulnerability with a CVSS score of 4.6 (MEDIUM). IBM DB2 and DB2 Connect 9.7 through FP8, 9.8 through FP5, 10.1 through FP2, and 10.5 through FP1 allow remote authenticated users to execute DML statements by leveraging EXPLAIN authority.
How severe is CVE-2013-4033?
CVE-2013-4033 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-4033?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Db2, Ibm Db2 Connect.