Vulnerability Database

289,871

Total vulnerabilities in the database

CVE-2009-4333

The Relational Data Services component in IBM DB2 9.5 before FP5 allows attackers to obtain the password argument from the SET ENCRYPTION PASSWORD statement via vectors involving the GET SNAPSHOT FOR DYNAMIC SQL command.

  • Published: Dec 16, 2009
  • Updated: Apr 13, 2023
  • CVE: CVE-2009-4333
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

Software From Fixed in
ibm / db2 9.5 9.5.x
ibm / db2 9.5-fp1 9.5-fp1.x
ibm / db2 9.5-fp2a 9.5-fp2a.x
ibm / db2 9.5-fp3b 9.5-fp3b.x
ibm / db2 9.5-fp2 9.5-fp2.x
ibm / db2 9.5-fp3 9.5-fp3.x
ibm / db2 9.5-fp3a 9.5-fp3a.x