Unrated severityNVD Advisory· Published Jul 8, 2023· Updated Feb 13, 2025

IBM Db2 denial of service

CVE-2023-30446

Description

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query on certain tables. IBM X-Force ID:

253361

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

IBM Db2 10.5, 11.1, and 11.5 vulnerable to denial of service via specially crafted queries on certain tables.

Vulnerability

IBM Db2 for Linux, UNIX and Windows (including Db2 Connect Server) versions 10.5, 11.1, and 11.5 are vulnerable to denial of service when a specially crafted query is executed on certain tables. The vulnerability requires low privileges, high attack complexity, and no user interaction [1].

Exploitation

An authenticated attacker with network access can exploit this vulnerability by sending a specially crafted query to the vulnerable tables. The attack complexity is high, meaning the attacker may need to gather additional information or perform specific conditions for a successful attack. No user interaction is required [1].

Impact

Successful exploitation results in a denial of service condition, causing high availability impact. There is no impact on confidentiality or integrity, and the scope remains unchanged [1].

Mitigation

As of the publication date, IBM has not released a fix for this vulnerability. No workarounds are mentioned in the available reference. Users should monitor for updates from IBM [1].

References

IBM® Db2® has multiple denial of service vulnerabilities with a specially crafted query

AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

IBM/Db2 for Linux, UNIX and Windowsllm-fuzzy
Range: 10.5, 11.1, 11.5
IBM/Db2 Recovery Expert for Linux, UNIX and Windowscpe-rescue
Range: 10.5, 11.1, 11.5

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.ibm.com/support/pages/node/7010557mitrevendor-advisory
exchange.xforce.ibmcloud.com/vulnerabilities/253361mitrevdb-entry
security.netapp.com/advisory/ntap-20230731-0007/mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000