Vulnerability Description
IBM DB2 10.5 before FP4 on Linux and AIX creates temporary files during CDE table LOAD operations, which allows local users to obtain sensitive information by reading a file while a LOAD is occurring.
CVSS Score
2.1
LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Db2 | 10.5 |
| Ibm | Aix | All versions |
| Linux | Linux Kernel | All versions |
Related Weaknesses (CWE)
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1IT03761PatchVendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21681723
- http://www.securitytracker.com/id/1030806
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95307
- http://www-01.ibm.com/support/docview.wss?uid=swg1IT03761PatchVendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21681723
- http://www.securitytracker.com/id/1030806
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95307
FAQ
What is CVE-2014-4805?
CVE-2014-4805 is a vulnerability with a CVSS score of 2.1 (LOW). IBM DB2 10.5 before FP4 on Linux and AIX creates temporary files during CDE table LOAD operations, which allows local users to obtain sensitive information by reading a file while a LOAD is occurring.
How severe is CVE-2014-4805?
CVE-2014-4805 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-4805?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Db2, Ibm Aix, Linux Linux Kernel.