CVE-2012-1797 - Vulnerability Details - OpenCVE

IBM DB2 9.5 uses world-writable permissions for nodes.reg, which has unspecified impact and attack vectors.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Ibm	Db2

Configuration 1 [-]

cpe:2.3:a:ibm:db2:9.5:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC79518
http://www-01.ibm.com/support/docview.wss?uid=swg1IC79518
https://exchange.xforce.ibmcloud.com/vulnerabilities/74326
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14922

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2012-03-20T20:00:00

Updated: 2024-08-06T19:08:38.582Z

Reserved: 2012-03-20T00:00:00

Link: CVE-2012-1797

Vulnrichment

No data.

NVD

Status : Modified

Published: 2012-03-20T20:55:01.553

Modified: 2024-11-21T01:37:48.030

Link: CVE-2012-1797

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-02-15T00:00:00", "descriptions": [{"lang": "en", "value": "IBM DB2 9.5 uses world-writable permissions for nodes.reg, which has unspecified impact and attack vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-01-09T17:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC79518"}, {"name": "db2-nodes-unspecified(74326)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74326"}, {"name": "oval:org.mitre.oval:def:14922", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14922"}, {"name": "IC79518", "tags": ["vendor-advisory", "x_refsource_AIXAPAR"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC79518"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-1797", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "IBM DB2 9.5 uses world-writable permissions for nodes.reg, which has unspecified impact and attack vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC79518", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC79518"}, {"name": "db2-nodes-unspecified(74326)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74326"}, {"name": "oval:org.mitre.oval:def:14922", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14922"}, {"name": "IC79518", "refsource": "AIXAPAR", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC79518"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T19:08:38.582Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC79518"}, {"name": "db2-nodes-unspecified(74326)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74326"}, {"name": "oval:org.mitre.oval:def:14922", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14922"}, {"name": "IC79518", "tags": ["vendor-advisory", "x_refsource_AIXAPAR", "x_transferred"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC79518"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2012-1797", "datePublished": "2012-03-20T20:00:00", "dateReserved": "2012-03-20T00:00:00", "dateUpdated": "2024-08-06T19:08:38.582Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:db2:9.5:*:*:*:*:*:*:*", "matchCriteriaId": "11ABF7CC-2FA5-4F2D-901A-2D0EF5B8E717", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "IBM DB2 9.5 uses world-writable permissions for nodes.reg, which has unspecified impact and attack vectors."}, {"lang": "es", "value": "IBM DB2 v9.5 utiliza permisos de escritura globales para nodes.reg, lo que tiene un impacto y vectores de ataque no especificados."}], "id": "CVE-2012-1797", "lastModified": "2024-11-21T01:37:48.030", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-03-20T20:55:01.553", "references": [{"source": "cve@mitre.org", "url": "http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC79518"}, {"source": "cve@mitre.org", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC79518"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74326"}, {"source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14922"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC79518"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC79518"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74326"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14922"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}