VYPR
Unrated severityNVD Advisory· Published Sep 29, 2009· Updated Jun 16, 2026

CVE-2009-3473

CVE-2009-3473

Description

IBM DB2 9.1 before FP8 does not require the SETSESSIONUSER privilege for the SET SESSION AUTHORIZATION statement, which has unspecified impact and remote attack vectors.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

8
  • IBM/Db28 versions
    cpe:2.3:a:ibm:db2:9.1:fp1:*:*:*:*:*:*+ 7 more
    • cpe:2.3:a:ibm:db2:9.1:fp1:*:*:*:*:*:*
    • cpe:2.3:a:ibm:db2:9.1:fp2:*:*:*:*:*:*
    • cpe:2.3:a:ibm:db2:9.1:fp3:*:*:*:*:*:*
    • cpe:2.3:a:ibm:db2:9.1:fp4:*:*:*:*:*:*
    • cpe:2.3:a:ibm:db2:9.1:fp5:*:*:*:*:*:*
    • cpe:2.3:a:ibm:db2:9.1:fp6:*:*:*:*:*:*
    • cpe:2.3:a:ibm:db2:9.1:fp7:*:*:*:*:*:*
    • (no CPE)range: 9.1 < FP8

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.