Unauthorized Command Execution in IBM DB2 with CLIENT Authentication

Unauthorized Command Execution in IBM DB2 with CLIENT Authentication

CVE-2017-1520 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

IBM DB2 9.7, 10,1, 10.5, and 11.1 is vulnerable to an unauthorized command that allows the database to be activated when authentication type is CLIENT. IBM X-Force ID: 129830.

Learn more about our Cis Benchmark Audit For Ibm Db2.