IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8, 5.0, 5.1, 5.2, and 5.3 could allow an authenticated user to bypass client-side validation and manipulate input data using man in the middle techniques.
References
| Link | Resource |
|---|---|
| https://www.ibm.com/support/pages/node/7277112 | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
History
30 Jun 2026, 15:03
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://www.ibm.com/support/pages/node/7277112 - Vendor Advisory | |
| CPE | cpe:2.3:a:ibm:cloud_pak_for_data:-:*:*:*:*:*:*:* cpe:2.3:a:ibm:db2_warehouse:*:*:*:*:*:*:*:* cpe:2.3:a:ibm:db2:*:*:*:*:*:*:*:* |
|
| First Time |
Ibm db2
Ibm Ibm cloud Pak For Data Ibm db2 Warehouse |
22 Jun 2026, 16:16
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-06-22 16:16
Updated : 2026-06-30 15:03
NVD link : CVE-2023-33854
Mitre link : CVE-2023-33854
CVE.ORG link : CVE-2023-33854
JSON object : View
Products Affected
ibm
- db2
- cloud_pak_for_data
- db2_warehouse
CWE
CWE-294
Authentication Bypass by Capture-replay
