CVE-2023-42005 : IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data 3.5, 4.0,

IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data 3.5, 4.0, 4.5, 4.6, 4.7, and 4.8 could allow a user with access to the Kubernetes pod, to make system calls compromising the security of containers. IBM X-Force ID: 265264.

Published 2024-05-29 13:15:49

Updated 2024-05-29 15:18:26

Source IBM Corporation

View at NVD, CVE.org

Products affected by CVE-2023-42005

Please log in to view affected product information.

Exploit prediction scoring system (EPSS) score for CVE-2023-42005

EPSS FAQ

0.02%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 4 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2023-42005

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.4	HIGH	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H	1.4	5.9	IBM Corporation	2024-05-29
Attack Vector: Local Attack Complexity: High Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2023-42005

CWE-264

Assigned by: psirt@us.ibm.com (Primary)

References for CVE-2023-42005

https://www.ibm.com/support/pages/node/7155078

Security Bulletin: Multiple vulnerabilities affect IBM Db2® on Cloud Pak for Data, and Db2 Warehouse on Cloud Pak for Data
https://exchange.xforce.ibmcloud.com/vulnerabilities/265264

IBM Db2 on Cloud Pak for Data privilege escalation CVE-2023-42005 Vulnerability Report

Jump to

Vulnerability Details : CVE-2023-42005

Products affected by CVE-2023-42005

Exploit prediction scoring system (EPSS) score for CVE-2023-42005

CVSS scores for CVE-2023-42005

CWE ids for CVE-2023-42005

References for CVE-2023-42005