CVE-2020-4135 - Vulnerability Details

Vendors	Products
Ibm	Aix Db2
Linux	Linux Kernel
Microsoft	Windows
Netapp	Oncommand Insight

Link	Providers
https://exchange.xforce.ibmcloud.com/vulnerabilities/173806
https://security.netapp.com/advisory/ntap-20210108-0001/
https://www.ibm.com/support/pages/node/2876307

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "DB2 for Linux- UNIX and Windows", "vendor": "IBM", "versions": [{"status": "affected", "version": "9.7"}, {"status": "affected", "version": "10.1"}, {"status": "affected", "version": "10.5"}, {"status": "affected", "version": "11.1"}, {"status": "affected", "version": "11.5"}]}], "datePublic": "2020-02-18T00:00:00", "descriptions": [{"lang": "en", "value": "IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow an unauthenticated user to send specially crafted packets to cause a denial of service from excessive memory usage."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "exploitCodeMaturity": "UNPROVEN", "integrityImpact": "NONE", "privilegesRequired": "NONE", "remediationLevel": "OFFICIAL_FIX", "reportConfidence": "CONFIRMED", "scope": "UNCHANGED", "temporalScore": 6.5, "temporalSeverity": "MEDIUM", "userInteraction": "NONE", "vectorString": "CVSS:3.0/A:H/PR:N/AC:L/C:N/S:U/UI:N/AV:N/I:N/RC:C/RL:O/E:U", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"description": "Denial of Service", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-01-08T11:06:17", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.ibm.com/support/pages/node/2876307"}, {"name": "ibm-db2-cve20204135-dos (173806)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/173806"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20210108-0001/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@us.ibm.com", "DATE_PUBLIC": "2020-02-18T00:00:00", "ID": "CVE-2020-4135", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "DB2 for Linux- UNIX and Windows", "version": {"version_data": [{"version_value": "9.7"}, {"version_value": "10.1"}, {"version_value": "10.5"}, {"version_value": "11.1"}, {"version_value": "11.5"}]}}]}, "vendor_name": "IBM"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow an unauthenticated user to send specially crafted packets to cause a denial of service from excessive memory usage."}]}, "impact": {"cvssv3": {"BM": {"A": "H", "AC": "L", "AV": "N", "C": "N", "I": "N", "PR": "N", "S": "U", "UI": "N"}, "TM": {"E": "U", "RC": "C", "RL": "O"}}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Denial of Service"}]}]}, "references": {"reference_data": [{"name": "https://www.ibm.com/support/pages/node/2876307", "refsource": "CONFIRM", "title": "IBM Security Bulletin 2876307 (DB2 for Linux- UNIX and Windows)", "url": "https://www.ibm.com/support/pages/node/2876307"}, {"name": "ibm-db2-cve20204135-dos (173806)", "refsource": "XF", "title": "X-Force Vulnerability Report", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/173806"}, {"name": "https://security.netapp.com/advisory/ntap-20210108-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210108-0001/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T07:52:20.915Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.ibm.com/support/pages/node/2876307"}, {"name": "ibm-db2-cve20204135-dos (173806)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/173806"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security.netapp.com/advisory/ntap-20210108-0001/"}]}]}, "cveMetadata": {"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2020-4135", "datePublished": "2020-02-19T15:15:45.454213Z", "dateReserved": "2019-12-30T00:00:00", "dateUpdated": "2024-09-16T18:28:29.112Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : DB2 for Linux- UNIX and Windows (string)

vendor : IBM (string)

versions : [ »

0 : { »

status : affected (string)

version : 9.7 (string)

}

1 : { »

status : affected (string)

version : 10.1 (string)

}

2 : { »

status : affected (string)

version : 10.5 (string)

}

3 : { »

status : affected (string)

version : 11.1 (string)

}

4 : { »

status : affected (string)

version : 11.5 (string)

}

]

}

]

datePublic : 2020-02-18T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow an unauthenticated user to send specially crafted packets to cause a denial of service from excessive memory usage. (string)

}

]

metrics : [ »

0 : { »

cvssV3_0 : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : HIGH (string)

baseScore : 7.5 (number)

baseSeverity : HIGH (string)

confidentialityImpact : NONE (string)

exploitCodeMaturity : UNPROVEN (string)

integrityImpact : NONE (string)

privilegesRequired : NONE (string)

remediationLevel : OFFICIAL_FIX (string)

reportConfidence : CONFIRMED (string)

scope : UNCHANGED (string)

temporalScore : 6.5 (number)

temporalSeverity : MEDIUM (string)

userInteraction : NONE (string)

vectorString : CVSS:3.0/A:H/PR:N/AC:L/C:N/S:U/UI:N/AV:N/I:N/RC:C/RL:O/E:U (string)

version : 3.0 (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : Denial of Service (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2021-01-08T11:06:17 (string)

orgId : 9a959283-ebb5-44b6-b705-dcc2bbced522 (string)

shortName : ibm (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://www.ibm.com/support/pages/node/2876307 (string)

}

1 : { »

name : ibm-db2-cve20204135-dos (173806) (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_XF (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/173806 (string)

}

2 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://security.netapp.com/advisory/ntap-20210108-0001/ (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : psirt@us.ibm.com (string)

DATE_PUBLIC : 2020-02-18T00:00:00 (string)

ID : CVE-2020-4135 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : DB2 for Linux- UNIX and Windows (string)

version : { »

version_data : [ »

0 : { »

version_value : 9.7 (string)

}

1 : { »

version_value : 10.1 (string)

}

2 : { »

version_value : 10.5 (string)

}

3 : { »

version_value : 11.1 (string)

}

4 : { »

version_value : 11.5 (string)

}

]

}

]

}

vendor_name : IBM (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow an unauthenticated user to send specially crafted packets to cause a denial of service from excessive memory usage. (string)

}

]

}

impact : { »

cvssv3 : { »

BM : { »

A : H (string)

AC : L (string)

AV : N (string)

C : N (string)

I : N (string)

PR : N (string)

S : U (string)

UI : N (string)

}

TM : { »

E : U (string)

RC : C (string)

RL : O (string)

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : Denial of Service (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : https://www.ibm.com/support/pages/node/2876307 (string)

refsource : CONFIRM (string)

title : IBM Security Bulletin 2876307 (DB2 for Linux- UNIX and Windows) (string)

url : https://www.ibm.com/support/pages/node/2876307 (string)

}

1 : { »

name : ibm-db2-cve20204135-dos (173806) (string)

refsource : XF (string)

title : X-Force Vulnerability Report (string)

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/173806 (string)

}

2 : { »

name : https://security.netapp.com/advisory/ntap-20210108-0001/ (string)

refsource : CONFIRM (string)

url : https://security.netapp.com/advisory/ntap-20210108-0001/ (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-04T07:52:20.915Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://www.ibm.com/support/pages/node/2876307 (string)

}

1 : { »

name : ibm-db2-cve20204135-dos (173806) (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_XF (string)

2 : x_transferred (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/173806 (string)

}

2 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://security.netapp.com/advisory/ntap-20210108-0001/ (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 9a959283-ebb5-44b6-b705-dcc2bbced522 (string)

assignerShortName : ibm (string)

cveId : CVE-2020-4135 (string)

datePublished : 2020-02-19T15:15:45.454213Z (string)

dateReserved : 2019-12-30T00:00:00 (string)

dateUpdated : 2024-09-16T18:28:29.112Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:db2:9.7:*:*:*:*:*:*:*", "matchCriteriaId": "CE1C4DE6-EB32-4A31-9FAA-D8DA31D8CF05", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2:10.1:*:*:*:*:*:*:*", "matchCriteriaId": "2952EB24-A015-4EC7-85E3-88588D0AB15B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2:10.5:*:*:*:*:*:*:*", "matchCriteriaId": "6E232F83-BE4C-4B3E-A5B1-53F9D95F0368", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2:11.1:*:*:*:*:*:*:*", "matchCriteriaId": "0DC3F2DB-9AE2-4B11-A838-167E857D831D", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2:11.5:*:*:*:*:*:*:*", "matchCriteriaId": "3977E313-6CD6-42E3-8936-B244CF8127B6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*", "matchCriteriaId": "E492C463-D76E-49B7-A4D4-3B499E422D89", "vulnerable": false}, {"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", "matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow an unauthenticated user to send specially crafted packets to cause a denial of service from excessive memory usage."}, {"lang": "es", "value": "IBM DB2 para Linux, UNIX y Windows (incluye DB2 Connect Server) versiones 9.7, 10.1, 10.5, 11.1 y 11.5,  podr\u00eda permitir a un usuario no autenticado enviar paquetes especialmente dise\u00f1ados para causar una denegaci\u00f3n de servicio debido a un uso excesivo de memoria."}], "id": "CVE-2020-4135", "lastModified": "2024-11-21T05:32:18.303", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "psirt@us.ibm.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-02-19T16:15:11.687", "references": [{"source": "psirt@us.ibm.com", "tags": ["VDB Entry", "Vendor Advisory"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/173806"}, {"source": "psirt@us.ibm.com", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20210108-0001/"}, {"source": "psirt@us.ibm.com", "tags": ["Vendor Advisory"], "url": "https://www.ibm.com/support/pages/node/2876307"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["VDB Entry", "Vendor Advisory"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/173806"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20210108-0001/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.ibm.com/support/pages/node/2876307"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:ibm:db2:9.7:*:*:*:*:*:*:* (string)

matchCriteriaId : CE1C4DE6-EB32-4A31-9FAA-D8DA31D8CF05 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:ibm:db2:10.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 2952EB24-A015-4EC7-85E3-88588D0AB15B (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:ibm:db2:10.5:*:*:*:*:*:*:* (string)

matchCriteriaId : 6E232F83-BE4C-4B3E-A5B1-53F9D95F0368 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:ibm:db2:11.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 0DC3F2DB-9AE2-4B11-A838-167E857D831D (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:ibm:db2:11.5:*:*:*:*:*:*:* (string)

matchCriteriaId : 3977E313-6CD6-42E3-8936-B244CF8127B6 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:* (string)

matchCriteriaId : E492C463-D76E-49B7-A4D4-3B499E422D89 (string)

vulnerable : false (boolean)

}

1 : { »

criteria : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 703AF700-7A70-47E2-BC3A-7FD03B3CA9C1 (string)

vulnerable : false (boolean)

}

2 : { »

criteria : cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* (string)

matchCriteriaId : A2572D17-1DE6-457B-99CC-64AFD54487EA (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

1 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:* (string)

matchCriteriaId : F1BE6C1F-2565-4E97-92AA-16563E5660A5 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow an unauthenticated user to send specially crafted packets to cause a denial of service from excessive memory usage. (string)

}

1 : { »

lang : es (string)

value : IBM DB2 para Linux, UNIX y Windows (incluye DB2 Connect Server) versiones 9.7, 10.1, 10.5, 11.1 y 11.5, podría permitir a un usuario no autenticado enviar paquetes especialmente diseñados para causar una denegación de servicio debido a un uso excesivo de memoria. (string)

}

]

id : CVE-2020-4135 (string)

lastModified : 2024-11-21T05:32:18.303 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : PARTIAL (string)

baseScore : 5 (number)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

vectorString : AV:N/AC:L/Au:N/C:N/I:N/A:P (string)

version : 2.0 (string)

}

exploitabilityScore : 10 (number)

impactScore : 2.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

cvssMetricV30 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : HIGH (string)

baseScore : 7.5 (number)

baseSeverity : HIGH (string)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (string)

version : 3.0 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 3.6 (number)

source : psirt@us.ibm.com (string)

type : Secondary (string)

}

]

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : HIGH (string)

baseScore : 7.5 (number)

baseSeverity : HIGH (string)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 3.6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2020-02-19T16:15:11.687 (string)

references : [ »

0 : { »

source : psirt@us.ibm.com (string)

tags : [ »

0 : VDB Entry (string)

1 : Vendor Advisory (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/173806 (string)

}

1 : { »

source : psirt@us.ibm.com (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : https://security.netapp.com/advisory/ntap-20210108-0001/ (string)

}

2 : { »

source : psirt@us.ibm.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://www.ibm.com/support/pages/node/2876307 (string)

}

3 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : VDB Entry (string)

1 : Vendor Advisory (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/173806 (string)

}

4 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : https://security.netapp.com/advisory/ntap-20210108-0001/ (string)

}

5 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://www.ibm.com/support/pages/node/2876307 (string)

}

]

sourceIdentifier : psirt@us.ibm.com (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : NVD-CWE-noinfo (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object