IBM DB2 10.1 Information Disclosure Vulnerability


IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.


The information has been provided by IBM

The original article can be found at:


IBM DB2 is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may lead to further attacks.

Vulnerable Systems:

IBM DB2 9.7 FP11
IBM DB2 9.7
IBM DB2 iFix001
IBM DB2 11.1
IBM DB2 10.5 FP10
IBM DB2 10.5
IBM DB2 10.1 FP6
IBM DB2 10.1

CVE Information:

Disclosure Timeline:

Categories: News