CVE-2023-52296

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Apr 3, 2024
CWE ID 20

Summary

CVE-2023-52296 is a vulnerability affecting IBM DB2 for Linux, UNIX, and Windows (including Db2 Connect Server) 11.5. The vulnerability allows for a denial of service attack when querying a specific UDF built-in function concurrently. The base severity of this vulnerability is classified as MEDIUM, with a base score of 5.3 out of 10. It requires low privileges and has no user interaction required. The attack vector is through the network, and the impact primarily affects availability. To remediate this vulnerability, organizations using IBM DB2 should apply the necessary patches or updates provided by IBM to address the issue promptly. Failure to do so could result in potential disruption to the affected system's availability.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-52296 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options