CVE-2012-2196 (GCVE-0-2012-2196)
Vulnerability from cvelistv5 – Published: 2012-07-25 10:00 – Updated: 2024-08-06 19:26
VLAI
EPSS
VEX
Summary
IBM DB2 9.1 before FP12, 9.5 through FP9, 9.7 through FP6, 9.8 through FP5, and 10.1 allows remote attackers to read arbitrary XML files via the (1) GET_WRAP_CFG_C or (2) GET_WRAP_CFG_C2 stored procedure.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://www-01.ibm.com/support/docview.wss?uid=swg… | vendor-advisoryx_refsource_AIXAPAR |
| http://www-01.ibm.com/support/docview.wss?uid=swg… | vendor-advisoryx_refsource_AIXAPAR |
| http://secunia.com/advisories/49919 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/54487 | vdb-entryx_refsource_BID |
| http://www-01.ibm.com/support/docview.wss?uid=swg… | x_refsource_CONFIRM |
| http://www-01.ibm.com/support/docview.wss?uid=swg… | vendor-advisoryx_refsource_AIXAPAR |
| http://www-01.ibm.com/support/docview.wss?uid=swg… | vendor-advisoryx_refsource_AIXAPAR |
| http://www-01.ibm.com/support/docview.wss?uid=swg… | vendor-advisoryx_refsource_AIXAPAR |
Date Public
2012-07-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:26:08.982Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "IC84712",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC84712"
},
{
"name": "IC84751",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC84751"
},
{
"name": "49919",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49919"
},
{
"name": "54487",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/54487"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21600837"
},
{
"name": "IC84614",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC84614"
},
{
"name": "IC84750",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC84750"
},
{
"name": "IC84748",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC84748"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-07-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "IBM DB2 9.1 before FP12, 9.5 through FP9, 9.7 through FP6, 9.8 through FP5, and 10.1 allows remote attackers to read arbitrary XML files via the (1) GET_WRAP_CFG_C or (2) GET_WRAP_CFG_C2 stored procedure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-21T17:57:01.000Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "IC84712",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC84712"
},
{
"name": "IC84751",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC84751"
},
{
"name": "49919",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49919"
},
{
"name": "54487",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/54487"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21600837"
},
{
"name": "IC84614",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC84614"
},
{
"name": "IC84750",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC84750"
},
{
"name": "IC84748",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC84748"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2012-2196",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM DB2 9.1 before FP12, 9.5 through FP9, 9.7 through FP6, 9.8 through FP5, and 10.1 allows remote attackers to read arbitrary XML files via the (1) GET_WRAP_CFG_C or (2) GET_WRAP_CFG_C2 stored procedure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "IC84712",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC84712"
},
{
"name": "IC84751",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC84751"
},
{
"name": "49919",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49919"
},
{
"name": "54487",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54487"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21600837",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21600837"
},
{
"name": "IC84614",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC84614"
},
{
"name": "IC84750",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC84750"
},
{
"name": "IC84748",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC84748"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2012-2196",
"datePublished": "2012-07-25T10:00:00.000Z",
"dateReserved": "2012-04-04T00:00:00.000Z",
"dateUpdated": "2024-08-06T19:26:08.982Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2012-2196",
"date": "2026-07-18",
"epss": "0.02404",
"percentile": "0.82198"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:db2:9.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7B28091A-8772-41DC-9D91-D5359CDDA7A9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:db2:9.1.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"04A3E057-5DD6-494F-9195-BB57BA107877\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:db2:9.1.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0B2D2913-079E-41D5-975D-DB62309ED9BE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:db2:9.1.0.2:a:*:*:*:*:*:*\", \"matchCriteriaId\": \"0A7D0F90-0DEB-49BD-B753-BB832B0554CA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:db2:9.1.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EAC88935-B62C-4510-8246-2E0E9D63DF57\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:db2:9.1.0.3:a:*:*:*:*:*:*\", \"matchCriteriaId\": \"A687DD0E-0212-4F2F-AF24-8DCB3AF60C3E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:db2:9.1.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D2FAF674-6583-4BA1-BE1F-6CF14D129036\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:db2:9.1.0.4:a:*:*:*:*:*:*\", \"matchCriteriaId\": \"FC4C04EA-8A95-423E-9EDC-1F29B42C8065\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:db2:9.1.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E1D21588-6838-48A3-86E5-1ADFE71951E5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:db2:9.1.0.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CB96916D-C245-4CEA-B435-FAF4454E3251\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:db2:9.1.0.6:a:*:*:*:*:*:*\", \"matchCriteriaId\": \"C6814580-113F-498D-AC07-425C970059DF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:db2:9.1.0.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"51CE1063-6DAF-484D-A0B2-6F4D6F18B39B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:db2:9.1.0.7:a:*:*:*:*:*:*\", \"matchCriteriaId\": \"15E1897A-FEC0-47CB-AC32-0787A8B236B8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:db2:9.1.0.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"87956B68-68C7-4CEB-AA74-454F1DC26DBE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:db2:9.1.0.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"252B1BCD-D326-4425-A923-B05BB32D08BB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:db2:9.1.0.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8E8D741D-4F55-4BE4-ADA6-ADDAC02E5A1E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:db2:9.1.0.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8336EA8D-BD3C-4B25-80C1-A85F64328039\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:db2:9.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"11ABF7CC-2FA5-4F2D-901A-2D0EF5B8E717\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:db2:9.5.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"95D26FF3-1D40-49D6-A5BB-284FE1B89288\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:db2:9.5.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C7A2E9C9-8EB4-4127-8278-E976D4D3B7C2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:db2:9.5.0.2:a:*:*:*:*:*:*\", \"matchCriteriaId\": \"DC1ED577-3F11-415F-90C8-62B9EC21CA08\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:db2:9.5.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9E054B24-704E-4C05-8E58-3FE0A04D84EC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:db2:9.5.0.3:a:*:*:*:*:*:*\", \"matchCriteriaId\": \"4C72E084-0266-4389-B8BB-202292D47DB4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:db2:9.5.0.3:b:*:*:*:*:*:*\", \"matchCriteriaId\": \"008B98FD-1DE2-4323-B20E-7BD422EB6771\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:db2:9.5.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E12C4D6E-7AF9-44F9-9389-F9CA7409C41F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:db2:9.5.0.4:a:*:*:*:*:*:*\", \"matchCriteriaId\": \"8A1C889C-885B-4DB3-A5F4-89A0B1DE0F47\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:db2:9.5.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C13BB7FD-718B-499E-87C7-637D2A2E3D5E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:db2:9.5.0.6:a:*:*:*:*:*:*\", \"matchCriteriaId\": \"267FE109-013A-482E-8078-161FA0991973\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:db2:9.5.0.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C2F30C1B-0799-49A2-BAA5-26A6030B7682\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:db2:9.5.0.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8C4E4D16-3C35-42BD-A131-AF0DFC2D20AB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:db2:9.5.0.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9B7D92A9-BC9A-4F56-AEA6-CE06C7688070\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:db2:9.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE1C4DE6-EB32-4A31-9FAA-D8DA31D8CF05\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:db2:9.7.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A8A8E221-7045-4BAD-9B29-ABBC5216559D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:db2:9.7.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"56C39DC1-AD23-4F26-9727-EC0FBDF84BEE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:db2:9.7.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2513D42C-E558-4CC7-88D3-BB44F1B40157\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:db2:9.7.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6F441BE8-AEC0-44F0-875E-03C65A45CF68\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:db2:9.7.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"036E9715-CFAA-4F2A-B432-181EDCA3D812\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:db2:9.7.0.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9A55FBA0-4DFC-493D-91EF-EB56C241F9CE\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:db2:9.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D72D43DB-9A92-4E12-853B-F5FC9421D5EA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:db2:9.8.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"734E79E6-4A83-4CBF-B8B3-2D6D4491728E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:db2:9.8.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3631F758-5C8F-4D24-81C1-D6146B0209CB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:db2:9.8.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3CB6E617-98EA-4944-9211-FFEE9E50FE55\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:db2:10.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2952EB24-A015-4EC7-85E3-88588D0AB15B\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"IBM DB2 9.1 before FP12, 9.5 through FP9, 9.7 through FP6, 9.8 through FP5, and 10.1 allows remote attackers to read arbitrary XML files via the (1) GET_WRAP_CFG_C or (2) GET_WRAP_CFG_C2 stored procedure.\"}, {\"lang\": \"es\", \"value\": \"IBM DB2 v9.1 antes de FP12, v9.5 hasta el FP9, v9.7 hasta el FP6, v9.8 hasta el FP5 y v10.1 permite a atacantes remotos leer archivos XML de su elecci\\u00f3n a trav\\u00e9s de los procedimientos almacenados (1) GET_WRAP_CFG_C o (2) GET_WRAP_CFG_C2.\\r\\n\"}]",
"id": "CVE-2012-2196",
"lastModified": "2024-11-21T01:38:41.233",
"metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:N/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2012-07-25T10:42:34.757",
"references": "[{\"url\": \"http://secunia.com/advisories/49919\", \"source\": \"psirt@us.ibm.com\"}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg1IC84614\", \"source\": \"psirt@us.ibm.com\"}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg1IC84712\", \"source\": \"psirt@us.ibm.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg1IC84748\", \"source\": \"psirt@us.ibm.com\"}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg1IC84750\", \"source\": \"psirt@us.ibm.com\"}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg1IC84751\", \"source\": \"psirt@us.ibm.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21600837\", \"source\": \"psirt@us.ibm.com\"}, {\"url\": \"http://www.securityfocus.com/bid/54487\", \"source\": \"psirt@us.ibm.com\"}, {\"url\": \"http://secunia.com/advisories/49919\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg1IC84614\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg1IC84712\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg1IC84748\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg1IC84750\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg1IC84751\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www-01.ibm.com/support/docview.wss?uid=swg21600837\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/54487\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-200\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2012-2196\",\"sourceIdentifier\":\"psirt@us.ibm.com\",\"published\":\"2012-07-25T10:42:34.757\",\"lastModified\":\"2026-04-29T01:13:23.040\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"IBM DB2 9.1 before FP12, 9.5 through FP9, 9.7 through FP6, 9.8 through FP5, and 10.1 allows remote attackers to read arbitrary XML files via the (1) GET_WRAP_CFG_C or (2) GET_WRAP_CFG_C2 stored procedure.\"},{\"lang\":\"es\",\"value\":\"IBM DB2 v9.1 antes de FP12, v9.5 hasta el FP9, v9.7 hasta el FP6, v9.8 hasta el FP5 y v10.1 permite a atacantes remotos leer archivos XML de su elecci\u00f3n a trav\u00e9s de los procedimientos almacenados (1) GET_WRAP_CFG_C o (2) GET_WRAP_CFG_C2.\\r\\n\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B28091A-8772-41DC-9D91-D5359CDDA7A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.1.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04A3E057-5DD6-494F-9195-BB57BA107877\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.1.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B2D2913-079E-41D5-975D-DB62309ED9BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.1.0.2:a:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A7D0F90-0DEB-49BD-B753-BB832B0554CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.1.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EAC88935-B62C-4510-8246-2E0E9D63DF57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.1.0.3:a:*:*:*:*:*:*\",\"matchCriteriaId\":\"A687DD0E-0212-4F2F-AF24-8DCB3AF60C3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.1.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2FAF674-6583-4BA1-BE1F-6CF14D129036\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.1.0.4:a:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC4C04EA-8A95-423E-9EDC-1F29B42C8065\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.1.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1D21588-6838-48A3-86E5-1ADFE71951E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.1.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB96916D-C245-4CEA-B435-FAF4454E3251\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.1.0.6:a:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6814580-113F-498D-AC07-425C970059DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.1.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51CE1063-6DAF-484D-A0B2-6F4D6F18B39B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.1.0.7:a:*:*:*:*:*:*\",\"matchCriteriaId\":\"15E1897A-FEC0-47CB-AC32-0787A8B236B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.1.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87956B68-68C7-4CEB-AA74-454F1DC26DBE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.1.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"252B1BCD-D326-4425-A923-B05BB32D08BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.1.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E8D741D-4F55-4BE4-ADA6-ADDAC02E5A1E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.1.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8336EA8D-BD3C-4B25-80C1-A85F64328039\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11ABF7CC-2FA5-4F2D-901A-2D0EF5B8E717\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.5.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95D26FF3-1D40-49D6-A5BB-284FE1B89288\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.5.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7A2E9C9-8EB4-4127-8278-E976D4D3B7C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.5.0.2:a:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC1ED577-3F11-415F-90C8-62B9EC21CA08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.5.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E054B24-704E-4C05-8E58-3FE0A04D84EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.5.0.3:a:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C72E084-0266-4389-B8BB-202292D47DB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.5.0.3:b:*:*:*:*:*:*\",\"matchCriteriaId\":\"008B98FD-1DE2-4323-B20E-7BD422EB6771\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.5.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E12C4D6E-7AF9-44F9-9389-F9CA7409C41F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.5.0.4:a:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A1C889C-885B-4DB3-A5F4-89A0B1DE0F47\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.5.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C13BB7FD-718B-499E-87C7-637D2A2E3D5E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.5.0.6:a:*:*:*:*:*:*\",\"matchCriteriaId\":\"267FE109-013A-482E-8078-161FA0991973\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.5.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2F30C1B-0799-49A2-BAA5-26A6030B7682\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.5.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C4E4D16-3C35-42BD-A131-AF0DFC2D20AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.5.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B7D92A9-BC9A-4F56-AEA6-CE06C7688070\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE1C4DE6-EB32-4A31-9FAA-D8DA31D8CF05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.7.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8A8E221-7045-4BAD-9B29-ABBC5216559D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.7.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56C39DC1-AD23-4F26-9727-EC0FBDF84BEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.7.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2513D42C-E558-4CC7-88D3-BB44F1B40157\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.7.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F441BE8-AEC0-44F0-875E-03C65A45CF68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.7.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"036E9715-CFAA-4F2A-B432-181EDCA3D812\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.7.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A55FBA0-4DFC-493D-91EF-EB56C241F9CE\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D72D43DB-9A92-4E12-853B-F5FC9421D5EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.8.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"734E79E6-4A83-4CBF-B8B3-2D6D4491728E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.8.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3631F758-5C8F-4D24-81C1-D6146B0209CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:9.8.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3CB6E617-98EA-4944-9211-FFEE9E50FE55\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:db2:10.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2952EB24-A015-4EC7-85E3-88588D0AB15B\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/49919\",\"source\":\"psirt@us.ibm.com\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg1IC84614\",\"source\":\"psirt@us.ibm.com\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg1IC84712\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg1IC84748\",\"source\":\"psirt@us.ibm.com\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg1IC84750\",\"source\":\"psirt@us.ibm.com\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg1IC84751\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21600837\",\"source\":\"psirt@us.ibm.com\"},{\"url\":\"http://www.securityfocus.com/bid/54487\",\"source\":\"psirt@us.ibm.com\"},{\"url\":\"http://secunia.com/advisories/49919\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg1IC84614\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg1IC84712\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg1IC84748\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg1IC84750\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg1IC84751\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21600837\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/54487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…