Critical Vulnerability Information Vulnerability Overview CVE ID: CVE-2021-29825 CVSS 3.0 Base Score: 5.9 CVSS 3.0 Temporal Score: 5.2 Vulnerability Details Impact: Obtain Information Remediation: Refer to IBM Security Bulletin 6489499 for patch, upgrade, or recommended mitigation information. Affected Products: - IBM DB2 for Linux, UNIX and Windows 11.1 - IBM DB2 for Linux, UNIX and Windows 11.5 - IBM DB2 for Linux, UNIX and Windows 11.1 - 11.5 Related Products IBM Cloud Pak System Software 2.3.0.1 IBM Cloud Pak System Software 2.3.1.1 IBM Cloud Pak System Software 2.3.2.0 IBM Cloud Pak System Software 2.3.3.0 External Links https://www.ibm.com/support/pages/node/6489499 https://www.ibm.com/support/pages/node/6583541 https://exchange.xforce.ibmcloud.com/vulnerabilities/204470 https://security.netapp.com/advisory/ntap-20211029-0005/ ``` CVSS 3.0 Score Breakdown Attack Vector: Network Attack Complexity: High Required Privileges: None User Interaction: None Scope: Unchanged Confidentiality Impact: High Integrity Impact: None Availability Impact: None CVSS 3.0 Temporal Score Breakdown Exploitability: Unproven Remediation Level: Official Fix Report Confidence: Confirmed