CVE-2021-20373
Summary
| CVE | CVE-2021-20373 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-12-09 17:15:00 UTC |
| Updated | 2023-08-08 14:22:00 UTC |
| Description | IBM Db2 9.7, 10.1, 10.5, 11.1, and 11.5 may be vulnerable to an Information Disclosure when using the LOAD utility as under certain circumstances the LOAD utility does not enforce directory restrictions. IBM X-Force ID: 199521. |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Hp | Hp-ux | - | All | All | All |
| Operating System | Ibm | Aix | - | All | All | All |
| Application | Ibm | Db2 | 10.1 | All | All | All |
| Application | Ibm | Db2 | 10.5 | All | All | All |
| Application | Ibm | Db2 | 11.1 | All | All | All |
| Application | Ibm | Db2 | 11.5 | All | All | All |
| Application | Ibm | Db2 | 9.7 | All | All | All |
| Operating System | Linux | Linux Kernel | - | All | All | All |
| Operating System | Microsoft | Windows | - | All | All | All |
| Operating System | Oracle | Solaris | - | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| CVE-2021-20373 IBM DB2 Vulnerability in NetApp Products | NetApp Product Security | CONFIRM | security.netapp.com | |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| Security Bulletin: IBM® Db2® may be vulnerable to an Information Disclosure when using the LOAD utility as under certain circumstances the LOAD utility does not enforce directory restrictions. (CVE-2021-20373) | CONFIRM | www.ibm.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.