Security Advisory

CVE-2024-31870

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-06-15 13:47:19
Last updated 2024-08-22 18:03:12
Assigner ibm
State PUBLISHED

Description

IBM Db2 for i 7.2, 7.3, 7.4, and 7.5 supplies user defined table function is vulnerable to user enumeration by a local authenticated attacker, without having authority to the related *USRPRF objects. This can be used by a malicious actor to gather information about users that can be targeted in further attacks. IBM X-Force ID: 287174.