1. CVE-Search
  2. CVE-2014-8901
ID CVE-2014-8901
Summary IBM DB2 9.5 through FP10, 9.7 through FP10, 9.8 through FP5, 10.1 through FP4, and 10.5 before FP5 allows remote authenticated users to cause a denial of service (CPU consumption) via a crafted XML query.
References
Vulnerable Configurations
  • cpe:2.3:a:ibm:db2:9.5:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:db2:9.5:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:db2:9.7:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:db2:9.7:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:db2:9.8:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:db2:9.8:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:db2:10.1:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:db2:10.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:db2:10.5:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:db2:10.5:*:*:*:*:*:*:*
CVSS
Base: 4.0 (as of 28-09-2018 - 10:29)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:S/C:N/I:N/A:P
refmap via4
aixapar
  • IT05933
  • IT05936
  • IT05937
  • IT05938
  • IT05939
bid 71734
confirm http://www-01.ibm.com/support/docview.wss?uid=swg21692358
xf ibm-xml-cve20148901-dos(99110)
Last major update 28-09-2018 - 10:29
Published 18-12-2014 - 16:59
Last modified 28-09-2018 - 10:29
Back to Top