VYPR
Unrated severityNVD Advisory· Published Oct 22, 2008· Updated Jun 16, 2026

CVE-2008-4693

CVE-2008-4693

Description

The SORT/LIST SERVICES component in IBM DB2 9.1 before FP6 and 9.5 before FP2 writes sensitive information to the trace output, which allows attackers to obtain sensitive information by reading "PASSWORD-RELATED CONNECTION STRING KEYWORD VALUES."

Affected products

11
  • IBM/Db211 versions
    cpe:2.3:a:ibm:db2:9.1:*:*:*:*:*:*:*+ 10 more
    • cpe:2.3:a:ibm:db2:9.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:db2:9.1:fp1:*:*:*:*:*:*
    • cpe:2.3:a:ibm:db2:9.1:fp2:*:*:*:*:*:*
    • cpe:2.3:a:ibm:db2:9.1:fp3:*:*:*:*:*:*
    • cpe:2.3:a:ibm:db2:9.1:fp3a:*:*:*:*:*:*
    • cpe:2.3:a:ibm:db2:9.1:fp4:*:*:*:*:*:*
    • cpe:2.3:a:ibm:db2:9.1:fp4a:*:*:*:*:*:*
    • cpe:2.3:a:ibm:db2:9.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:db2:*:fp1:*:*:*:*:*:*range: <=9.5
    • cpe:2.3:a:ibm:db2:*:fp5:*:*:*:*:*:*range: <=9.1
    • (no CPE)range: <9.1 FP6, <9.5 FP2

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.