VYPR
← All advisories
Unrated severityNVD Advisory· Published May 8, 2015· Updated May 6, 2026

CVE-2014-0919

CVE-2014-0919

Description

IBM DB2 9.5 through 10.5 on Linux, UNIX, and Windows stores passwords during the processing of certain SQL statements by the monitoring and audit facilities, which allows remote authenticated users to obtain sensitive information via commands associated with these facilities.

Affected products

25
  • IBM/Db225 versions
    cpe:2.3:a:ibm:db2:10.1:*:*:*:advanced_enterprise:*:*:*+ 24 more
    • cpe:2.3:a:ibm:db2:10.1:*:*:*:advanced_enterprise:*:*:*
    • cpe:2.3:a:ibm:db2:10.1:*:*:*:advanced_workgroup:*:*:*
    • cpe:2.3:a:ibm:db2:10.1:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:ibm:db2:10.1:*:*:*:express:*:*:*
    • cpe:2.3:a:ibm:db2:10.1:*:*:*:workgroup:*:*:*
    • cpe:2.3:a:ibm:db2:10.5:*:*:*:advanced_enterprise:*:*:*
    • cpe:2.3:a:ibm:db2:10.5:*:*:*:advanced_workgroup:*:*:*
    • cpe:2.3:a:ibm:db2:10.5:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:ibm:db2:10.5:*:*:*:express:*:*:*
    • cpe:2.3:a:ibm:db2:10.5:*:*:*:workgroup:*:*:*
    • cpe:2.3:a:ibm:db2:9.5:*:*:*:advanced_enterprise:*:*:*
    • cpe:2.3:a:ibm:db2:9.5:*:*:*:advanced_workgroup:*:*:*
    • cpe:2.3:a:ibm:db2:9.5:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:ibm:db2:9.5:*:*:*:express:*:*:*
    • cpe:2.3:a:ibm:db2:9.5:*:*:*:workgroup:*:*:*
    • cpe:2.3:a:ibm:db2:9.7:*:*:*:advanced_enterprise:*:*:*
    • cpe:2.3:a:ibm:db2:9.7:*:*:*:advanced_workgroup:*:*:*
    • cpe:2.3:a:ibm:db2:9.7:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:ibm:db2:9.7:*:*:*:express:*:*:*
    • cpe:2.3:a:ibm:db2:9.7:*:*:*:workgroup:*:*:*
    • cpe:2.3:a:ibm:db2:9.8:*:*:*:advanced_enterprise:*:*:*
    • cpe:2.3:a:ibm:db2:9.8:*:*:*:advanced_workgroup:*:*:*
    • cpe:2.3:a:ibm:db2:9.8:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:ibm:db2:9.8:*:*:*:express:*:*:*
    • cpe:2.3:a:ibm:db2:9.8:*:*:*:workgroup:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

8

News mentions

0

No linked articles in our index yet.