MEDIUM🇵🇱 Wersja polska

CVE-2025-33012

CVSS 6.3v3.1pub. 2025-11-07upd. 2025-11-19

IBM Db2 10.5.0 through 10.5.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux could allow an authenticated user to regain access after account lockout due to password use after expiration date.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  • IBM Db2

    APP
    Ibm
    10.5.0.0 – 10.5.0.1111.1.0 – 11.1.4.711.5.0 – 11.5.912.1.0 – 12.1.3
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2026-10109CRITICAL9.8ten sam produkt

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to remote code execution due to imprope...

CVE-2026-1718HIGH7.1ten sam produkt

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service with a specially...

CVE-2025-36247HIGH7.1ten sam produkt

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12....

CVE-2025-36184HIGH7.2ten sam produkt

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 could allow an instance owne...

CVE-2025-36384HIGH8.4ten sam produkt

IBM Db2 for Windows 12.1.0 - 12.1.3 could allow a local user with filesystem access to escalate their privile...