Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

Db2U

Source -

CNA

CNA CVEs -

2

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
2Vulnerabilities found
CVE-2022-41297
Assigner-IBM Corporation
ShareView Details
Assigner-IBM Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.06% / 18.98%
||
7 Day CHG+0.01%
Published-01 Dec, 2022 | 17:30
Updated-24 Apr, 2025 | 19:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM Db2U cross-site request forgery

IBM Db2U 3.5, 4.0, and 4.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 237212.

Action-Not Available
Vendor-IBM Corporation
Product-db2udb2_on_cloud_pak_for_datadb2_warehouse_on_cloud_pak_for_dataDb2U
CWE ID-CWE-352
Cross-Site Request Forgery (CSRF)
CVE-2022-41296
Assigner-IBM Corporation
ShareView Details
Assigner-IBM Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.08% / 25.01%
||
7 Day CHG+0.02%
Published-01 Dec, 2022 | 17:24
Updated-03 Aug, 2024 | 12:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM Db2U cross-site respect forgery

IBM Db2U 3.5, 4.0, and 4.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 237210.

Action-Not Available
Vendor-IBM Corporation
Product-db2_warehousedb2Db2U
CWE ID-CWE-352
Cross-Site Request Forgery (CSRF)