CVE-2023-27867

by Fred · 08/07/2023

IBM Db2 JDBC Driver for Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 could allow a remote authenticated attacker to execute arbitrary code via JNDI Injection. By sending a specially crafted request using the property clientRerouteServerListJNDIName, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 249514.

Date published : 2023-07-08

https://exchange.xforce.ibmcloud.com/vulnerabilities/249514

https://www.ibm.com/support/pages/node/7010029

CVE-2023-27867

Similar

Recent Posts

Categories

CVE-2023-27867

Share this:

Similar

Recent Posts

Categories

Tags