Unrated severityNVD Advisory· Published Oct 22, 2008· Updated Jun 16, 2026
CVE-2008-4693
CVE-2008-4693
Description
The SORT/LIST SERVICES component in IBM DB2 9.1 before FP6 and 9.5 before FP2 writes sensitive information to the trace output, which allows attackers to obtain sensitive information by reading "PASSWORD-RELATED CONNECTION STRING KEYWORD VALUES."
Affected products
11cpe:2.3:a:ibm:db2:9.1:*:*:*:*:*:*:*+ 10 more
- cpe:2.3:a:ibm:db2:9.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:9.1:fp1:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:9.1:fp2:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:9.1:fp3:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:9.1:fp3a:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:9.1:fp4:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:9.1:fp4a:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:9.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:*:fp1:*:*:*:*:*:*range: <=9.5
- cpe:2.3:a:ibm:db2:*:fp5:*:*:*:*:*:*range: <=9.1
- (no CPE)range: <9.1 FP6, <9.5 FP2
Patches
Vulnerability mechanics
References
7- ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXTnvd
- secunia.com/advisories/32368nvd
- www-01.ibm.com/support/docview.wssnvd
- www-01.ibm.com/support/docview.wssnvd
- www-01.ibm.com/support/docview.wssnvd
- www.vupen.com/english/advisories/2008/2893nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/46022nvd
News mentions
0No linked articles in our index yet.