IBM Db2 denial of service
Description
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted SQL statement. IBM X-Force ID: 262257.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
IBM Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 is vulnerable to denial of service via a specially crafted SQL statement.
Vulnerability
IBM Db2 for Linux, UNIX and Windows (including Db2 Connect Server) versions 10.5.0.11, 11.1.4.7, and 11.5.x are vulnerable to a denial of service attack via a specially crafted SQL statement [1]. Unsupported earlier releases may also be affected.
Exploitation
An attacker with low privileges and network access to the database server can exploit this vulnerability by sending a specially crafted SQL statement. The attack complexity is high, and no user interaction is required [1].
Impact
Successful exploitation results in a denial of service, affecting the availability of the database server. There is no impact on confidentiality or integrity [1].
Mitigation
IBM has released special builds containing interim fixes for V10.5 FP11, V11.1.4 FP7, and V11.5.9. Customers should download these builds from Fix Central. The APAR is DT222859 [1]. No workaround is available.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: 10.5, 11.1, 11.5
- Range: 10.5, 11.1, 11.5
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- www.ibm.com/support/pages/node/7087143mitrevendor-advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/262257mitrevdb-entry
- security.netapp.com/advisory/ntap-20240119-0001/mitre
News mentions
0No linked articles in our index yet.