Unrated severityNVD Advisory· Published Sep 29, 2009· Updated Jun 16, 2026
CVE-2009-3473
CVE-2009-3473
Description
IBM DB2 9.1 before FP8 does not require the SETSESSIONUSER privilege for the SET SESSION AUTHORIZATION statement, which has unspecified impact and remote attack vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8cpe:2.3:a:ibm:db2:9.1:fp1:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:ibm:db2:9.1:fp1:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:9.1:fp2:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:9.1:fp3:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:9.1:fp4:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:9.1:fp5:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:9.1:fp6:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:9.1:fp7:*:*:*:*:*:*
- (no CPE)range: 9.1 < FP8
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.