Vulnerability Details : CVE-2013-4032
The Fast Communications Manager (FCM) in IBM DB2 Enterprise Server Edition and Advanced Enterprise Server Edition 10.1 before FP3 and 10.5, when a multi-node configuration is used, allows remote attackers to cause a denial of service via vectors involving arbitrary data.
Vulnerability category: Input validationDenial of service
Exploit prediction scoring system (EPSS) score for CVE-2013-4032
Probability of exploitation activity in the next 30 days: 0.91%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 81 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2013-4032
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST |
CWE ids for CVE-2013-4032
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2013-4032
-
http://www-01.ibm.com/support/docview.wss?uid=swg1IC94939
IBM IC94939: SECURITY: DENIAL OF SERVICE VULNERABILITY IN DB2's FAST COMMUNICATIONS MANAGER. (CVE-2013-4032)
-
http://www-01.ibm.com/support/docview.wss?uid=swg21650231
IBM Security Bulletin: Denial of Service Vulnerability in DB2 for Unix, Linux and Windows's Fast Communications Manager. (CVE-2013-4032)Vendor Advisory
-
http://www-01.ibm.com/support/docview.wss?uid=swg1IC94434
IBM IC94434: SECURITY: DENIAL OF SERVICE VULNERABILITY IN DB2's FAST COMMUNICATIONS MANAGER. (CVE-2013-4032)
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/86092
IBM DB2 FCM denial of service CVE-2013-4032 Vulnerability Report
Products affected by CVE-2013-4032
- cpe:2.3:a:ibm:db2:10.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:10.5:*:*:*:*:*:*:*