CVE-2023-33854

IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8, 5.0, 5.1, 5.2, and 5.3 could allow an authenticated user to bypass client-side validation and manipulate input data using man in the middle techniques.
References
Link Resource
https://www.ibm.com/support/pages/node/7277112 Vendor Advisory
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:ibm:db2:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:db2_warehouse:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:cloud_pak_for_data:-:*:*:*:*:*:*:*

History

30 Jun 2026, 15:03

Type Values Removed Values Added
References () https://www.ibm.com/support/pages/node/7277112 - () https://www.ibm.com/support/pages/node/7277112 - Vendor Advisory
CPE cpe:2.3:a:ibm:cloud_pak_for_data:-:*:*:*:*:*:*:*
cpe:2.3:a:ibm:db2_warehouse:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:*:*:*:*:*:*:*:*
First Time Ibm db2
Ibm
Ibm cloud Pak For Data
Ibm db2 Warehouse

22 Jun 2026, 16:16

Type Values Removed Values Added
New CVE

Information

Published : 2026-06-22 16:16

Updated : 2026-06-30 15:03


NVD link : CVE-2023-33854

Mitre link : CVE-2023-33854

CVE.ORG link : CVE-2023-33854


JSON object : View

Products Affected

ibm

  • db2
  • cloud_pak_for_data
  • db2_warehouse
CWE
CWE-294

Authentication Bypass by Capture-replay