VYPR
Unrated severityNVD Advisory· Published Feb 17, 2026· Updated Mar 6, 2026

Multiple vulnerabilities in IBM Java SDK affecting Db2 Recovery Expert for Linux, Unix and Windows

CVE-2025-27898

Description

IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 does not invalidate session after a timeout which could allow an authenticated user to impersonate another user on the system.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • IBM/Db2 Recovery Expertcpe-rescue2 versions
    cpe:2.3:a:ibm:db2_recovery_expert_for_luw:5.5:interim_fix_002:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:ibm:db2_recovery_expert_for_luw:5.5:interim_fix_002:*:*:*:*:*:*range: 5.5 Interim Fix 002
    • (no CPE)range: = 5.5 Interim Fix 002

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.