CVE-2020-5024
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
11/03/2021
Last modified:
12/04/2021
Description
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow an unauthenticated attacker to cause a denial of service due a hang in the SSL handshake response. IBM X-Force ID: 193660.
Impact
Base Score 3.x
7.50
Severity 3.x
HIGH
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:ibm:db2:*:*:*:*:*:*:*:* | 11.1.0.0 (including) | 11.1.4.6 (excluding) |
| cpe:2.3:a:ibm:db2:*:*:*:*:*:*:*:* | 11.5 (including) | 11.5.5.0 (excluding) |
| cpe:2.3:a:ibm:db2:9.7:-:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:db2:9.7:fp1:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:db2:9.7:fp10:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:db2:9.7:fp2:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:db2:9.7:fp3:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:db2:9.7:fp3a:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:db2:9.7:fp4:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:db2:9.7:fp5:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:db2:9.7:fp6:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:db2:9.7:fp7:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:db2:9.7:fp8:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:db2:9.7:fp9:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:db2:9.7:fp9a:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page