Unrated severityNVD Advisory· Published Nov 7, 2025· Updated Nov 7, 2025

IBM Db2 improper account lockout

CVE-2025-33012

Description

IBM Db2 10.5.0 through 10.5.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux could allow an authenticated user to regain access after account lockout due to password use after expiration date.

Affected products

IBM/Db2v52 versions
cpe:2.3:a:ibm:db2:10.5.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:ibm:db2:10.5.0:*:*:*:*:*:*:*range: 10.5.0
- (no CPE)range: >=10.5.0 <=10.5.11 || >=11.1.0 <=11.1.4.7 || >=11.5.0 <=11.5.9 || >=12.1.0 <=12.1.3 on Linux

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.ibm.com/support/pages/node/7250469mitrevendor-advisorypatch

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000