VDB
CVE-2021-29702
CVE-2021-29702
PUBLISHED
CVSS 7.5 HIGH
Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1.4 and 11.5.5 is vulnerable to a denial of service as the server terminates abnormally when executing a specially crafted SELECT statement. IBM X-Force ID: 200658.
EPSS 0.76% · 73.6th percentile
Risk Scores
CVSS 3.0
7.5
CVSS:3.0/AV:N/C:N/PR:N/UI:N/S:U/A:H/AC:L/I:N/RL:O/RC:C/E:U
EPSS Score
0.76%
73.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| IBM | DB2 for Linux- UNIX and Windows | 11.1.4, 11.5.5 |
| ibm | db2 | 11.1, 11.5 |
Exploit Intelligence
Timeline
- Jun 16, 2021 CVE Published
- Jun 17, 2021 EPSS Score
- Jun 24, 2021 EPSS Score
- Jul 21, 2021 EPSS Score
- Oct 17, 2021 EPSS Score
- Dec 17, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Apr 17, 2022 EPSS Score
- Jun 16, 2022 EPSS Score
- Aug 17, 2022 EPSS Score
References
- https://www.ibm.com/support/pages/node/6463985 advisory
- https://www.ibm.com/support/pages/node/6464081 advisory
- https://www.ibm.com/support/pages/node/6445497 advisory
- https://www.ibm.com/support/pages/node/6463165 advisory
- ibm-db2-cve202129702-dos (200658) vdb
- https://security.netapp.com/advisory/ntap-20210720-0005/ url
- https://nvd.nist.gov/vuln/detail/CVE-2021-29702 advisory
- https://security.netapp.com/advisory/ntap-20210720-0005 url