CVE-2011-1846 - NVD | ByteOS Network

NVD Vulnerability Details :

CVE-2011-1846

Deferred

More Info Official Page

Source-cve@mitre.org

Published At-03 May, 2011 | 20:55

Updated At-11 Apr, 2025 | 00:51

IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows does not properly revoke role membership from groups, which allows remote authenticated users to execute non-DDL statements by leveraging previous inherited possession of a role, a different vulnerability than CVE-2011-0757. NOTE: some of these details are obtained from third party information.

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	6.5	MEDIUM	AV:N/AC:L/Au:S/C:P/I:P/A:P

Type: Primary

Version: 2.0

Base score: 6.5

Base severity: MEDIUM

Vector:

AV:N/AC:L/Au:S/C:P/I:P/A:P

CPE Matches

IBM Corporation

>>db2>>Versions up to 9.5(inclusive)

cpe:2.3:a:ibm:db2:*:fp6a:*:*:*:*:*:*

IBM Corporation

>>db2>>9.5

cpe:2.3:a:ibm:db2:9.5:*:*:*:*:*:*:*

IBM Corporation

>>db2>>9.5

cpe:2.3:a:ibm:db2:9.5:fp1:*:*:*:*:*:*

IBM Corporation

>>db2>>9.5

cpe:2.3:a:ibm:db2:9.5:fp2:*:*:*:*:*:*

IBM Corporation

>>db2>>9.5

cpe:2.3:a:ibm:db2:9.5:fp2a:*:*:*:*:*:*

IBM Corporation

>>db2>>9.5

cpe:2.3:a:ibm:db2:9.5:fp3:*:*:*:*:*:*

IBM Corporation

>>db2>>9.5

cpe:2.3:a:ibm:db2:9.5:fp3a:*:*:*:*:*:*

IBM Corporation

>>db2>>9.5

cpe:2.3:a:ibm:db2:9.5:fp3b:*:*:*:*:*:*

IBM Corporation

>>db2>>9.5

cpe:2.3:a:ibm:db2:9.5:fp4:*:*:*:*:*:*

IBM Corporation

>>db2>>9.5

cpe:2.3:a:ibm:db2:9.5:fp4a:*:*:*:*:*:*

IBM Corporation

>>db2>>9.5

cpe:2.3:a:ibm:db2:9.5:fp5:*:*:*:*:*:*

IBM Corporation

>>db2>>9.5

cpe:2.3:a:ibm:db2:9.5:fp6:*:*:*:*:*:*

IBM Corporation

>>db2>>Versions up to 9.7(inclusive)

cpe:2.3:a:ibm:db2:*:fp3:*:*:*:*:*:*

IBM Corporation

>>db2>>9.7

cpe:2.3:a:ibm:db2:9.7:*:*:*:*:*:*:*

IBM Corporation

>>db2>>9.7

cpe:2.3:a:ibm:db2:9.7:fp1:*:*:*:*:*:*

IBM Corporation

>>db2>>9.7

cpe:2.3:a:ibm:db2:9.7:fp2:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-264	Primary	nvd@nist.gov

CWE ID: CWE-264

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
http://secunia.com/advisories/44229	cve@mitre.org	Vendor Advisory
http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC71263	cve@mitre.org	N/A
http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC71375	cve@mitre.org	N/A
http://www-01.ibm.com/support/docview.wss?uid=swg1IC71263	cve@mitre.org	N/A
http://www-01.ibm.com/support/docview.wss?uid=swg1IC71375	cve@mitre.org	N/A
http://www.securityfocus.com/bid/47525	cve@mitre.org	N/A
http://www.vupen.com/english/advisories/2011/1083	cve@mitre.org	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/66980	cve@mitre.org	N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14688	cve@mitre.org	N/A
http://secunia.com/advisories/44229	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory
http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC71263	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC71375	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www-01.ibm.com/support/docview.wss?uid=swg1IC71263	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www-01.ibm.com/support/docview.wss?uid=swg1IC71375	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.securityfocus.com/bid/47525	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.vupen.com/english/advisories/2011/1083	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/66980	af854a3a-2127-422b-91ae-364da2661108	N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14688	af854a3a-2127-422b-91ae-364da2661108	N/A

Hyperlink: http://secunia.com/advisories/44229

Source: cve@mitre.org

Resource:

Vendor Advisory

Hyperlink: http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC71263

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC71375

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg1IC71263

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg1IC71375

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www.securityfocus.com/bid/47525

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www.vupen.com/english/advisories/2011/1083

Source: cve@mitre.org

Resource:

Vendor Advisory

Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/66980

Source: cve@mitre.org

Resource: N/A

Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14688

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://secunia.com/advisories/44229

Source: af854a3a-2127-422b-91ae-364da2661108

Resource:

Vendor Advisory

Hyperlink: http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC71263

Source: af854a3a-2127-422b-91ae-364da2661108

Resource: N/A

Hyperlink: http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC71375

Source: af854a3a-2127-422b-91ae-364da2661108

Resource: N/A

Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg1IC71263

Source: af854a3a-2127-422b-91ae-364da2661108

Resource: N/A

Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg1IC71375

Source: af854a3a-2127-422b-91ae-364da2661108

Resource: N/A

Hyperlink: http://www.securityfocus.com/bid/47525

Source: af854a3a-2127-422b-91ae-364da2661108

Resource: N/A

Hyperlink: http://www.vupen.com/english/advisories/2011/1083

Source: af854a3a-2127-422b-91ae-364da2661108

Resource:

Vendor Advisory

Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/66980

Source: af854a3a-2127-422b-91ae-364da2661108

Resource: N/A

Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14688

Source: af854a3a-2127-422b-91ae-364da2661108

Resource: N/A