Vulnerability Details: CVE-2012-2180
The chaining functionality in the Distributed Relational Database Architecture (DRDA) module in IBM DB2 9.7 before FP6 and 9.8 before FP5 allows remote attackers to cause a denial of service (NULL pointer dereference, and resource consumption or daemon crash) via a crafted request.
Vulnerability category: Memory Corruption, Denial of service
Threat overview for CVE-2012-2180
Top open port discovered on systems with this issue: 523
IPs affected by CVE-2012-2180: 24
Threat actors abusing this issue? Yes
Exploit prediction scoring system (EPSS) score for CVE-2012-2180
Probability of exploitation activity in the next 30 days: 0.71%
Percentile, the proportion of vulnerabilities that are scored at or less: ~78%
CVSS scores for CVE-2012-2180
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
4.3 | MEDIUM | AV:N/AC:M/Au:N/C:N/I:N/A:P | 8.6 | 2.9 | NIST |
References for CVE-2012-2180
- http://www.ibm.com/support/docview.wss?uid=swg21597090
  IBM Security Bulletin: DB2 Denial of Service Vulnerability in DRDA (CVE-2012-2180) [Vendor Advisory]
- http://www.ibm.com/support/docview.wss?uid=swg1IC82234
  IBM IC82234: SECURITY: DB2 DENIAL OF SERVICE VULNERABILITY IN THE DRDA COMPONENT (CVE-2012-2180). [Vendor Advisory]
- http://www.securityfocus.com/bid/53873
  IBM DB2 Multiple Security Vulnerabilities
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75418
  IBM DB2 DRDA connection denial of service CVE-2012-2180 Vulnerability Report
Products affected by CVE-2012-2180
- cpe:2.3:a:ibm:db2:9.7:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:9.7.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:9.7.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:9.7.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:9.8:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:9.7.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:9.7.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:9.8.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:9.8.0.4:*:*:*:*:*:*:*