CVE-2009-4438

CVE-2009-4438 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

The Query Compiler, Rewrite, and Optimizer component in IBM DB2 9.1 before FP8, 9.5 before FP5, and 9.7 before FP1 does not enforce privilege requirements for access to a (1) sequence or (2) global-variable object, which allows remote authenticated users to make use of data via unspecified vectors.

Learn more about our Cis Benchmark Audit For Ibm Db2.