MEDIUMπŸ‡΅πŸ‡± Wersja polska

CVE-2025-27900

CVSS 6.8v3.1pub. 2026-02-17upd. 2026-02-26

IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N
  • IBM Db2 Recovery Expert

    APP
    Ibm
    5.5.0
πŸ”΅
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2026-3856MEDIUM5.3ten sam produkt

IBM Db2 Recovery Expert for Linux, UNIX and Windows 5.5 IF 2 could allow an attacker to modify or corrupt data...

CVE-2025-27899MEDIUM5.3ten sam produkt

IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 discloses sensitive information in an environment variable...

CVE-2025-27901MEDIUM6.5ten sam produkt

IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 IBM Db2 Recovery Expert for Linux, UNIX and Windows is vul...

CVE-2025-27903MEDIUM5.9ten sam produkt

IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 IBM Db2 Recovery Expert for Linux, UNIX and Windows transm...

CVE-2025-27904MEDIUM6.5ten sam produkt

IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 IBM Db2 Recovery Expert for Linux, UNIX and Windows is vul...

CVE-2025-27900 β€” Ibm β€” Db2 Recovery Expert β€” MEDIUM β€” CVSS 6.8 | CVEbaza.pl