CVE-2023-27867

CVSS V2 None CVSS V3 None
Description
IBM Db2 JDBC Driver for Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 could allow a remote authenticated attacker to execute arbitrary code via JNDI Injection. By sending a specially crafted request using the property clientRerouteServerListJNDIName, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 249514.
Overview
  • CVE ID
  • CVE-2023-27867
  • Assigner
  • ibm
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2023-07-08T18:43:58.232Z
  • Last Modified Date
  • 2023-07-08T18:43:58.232Z
History
Created Old Value New Value Data Type Notes
2024-06-25 01:41:34 Added to TrackCVE