← Volver a CVEs
CVE-2025-1992
MEDIUM5.3
Descripcion
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1 could allow an authenticated user in federation environment, to cause a denial of service due to insufficient release of allocated memory after usage.
Detalles CVE
Puntuacion CVSS v3.15.3
SeveridadMEDIUM
Vector CVSSCVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Vector de ataqueNETWORK
ComplejidadHIGH
Privilegios requeridosLOW
Interaccion usuarioNONE
Publicado5/5/2025
Ultima modificacion11/3/2025
Fuentenvd
Avistamientos honeypot0
Productos afectados
ibm:db2linux:linux_kernelmicrosoft:windowsopengroup:unix
Debilidades (CWE)
CWE-401
Referencias
https://www.ibm.com/support/pages/node/7232515(psirt@us.ibm.com)
https://security.netapp.com/advisory/ntap-20250516-0002/(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.