CVE-2017-1150

low

Published 2017-03-08 · Modified 2026-05-13

CVSS v3

3.1

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

CVSS v2

3.5

VIR risk

3.1

Description

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.1, 10.5, and 11.1 could allow an authenticated attacker with specialized access to tables that they should not be permitted to view. IBM Reference #: 1999515.

Predictions

Exploit likelihood

42%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: psirt@us.ibm.com — http://www.ibm.com/support/docview.wss?uid=swg21999515

Application impact

Vendor	Product	Versions
ibm	db2	`10.1`
ibm	db2	`10.5`
ibm	db2	`11.1`

References

http://www.ibm.com/support/docview.wss?uid=swg21999515
http://www.securityfocus.com/bid/96597
http://www.securitytracker.com/id/1037946
http://www.ibm.com/support/docview.wss?uid=swg21999515
http://www.securityfocus.com/bid/96597
http://www.securitytracker.com/id/1037946

CWEs

CWE-269

Verify integrity in audit chain (admin only). AS-IS.