Unrated severityNVD Advisory· Published Dec 16, 2009· Updated Apr 23, 2026

CVE-2009-4333

Description

The Relational Data Services component in IBM DB2 9.5 before FP5 allows attackers to obtain the password argument from the SET ENCRYPTION PASSWORD statement via vectors involving the GET SNAPSHOT FOR DYNAMIC SQL command.

Affected products

IBM/Db27 versions
cpe:2.3:a:ibm:db2:9.5:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:ibm:db2:9.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:9.5:fp1:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:9.5:fp2:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:9.5:fp2a:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:9.5:fp3:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:9.5:fp3a:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:9.5:fp3b:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www-01.ibm.com/support/docview.wssnvdPatch
secunia.com/advisories/37759nvdVendor Advisory
www-01.ibm.com/support/docview.wssnvdVendor Advisory
www-01.ibm.com/support/docview.wssnvdVendor Advisory
www.vupen.com/english/advisories/2009/3520nvdVendor Advisory
ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXTnvd
www.securityfocus.com/bid/37332nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000