CVE-2022-22390

7.5 HIGH

📋 TL;DR

This vulnerability in IBM Db2 lets an authenticated database user read data from tables they have not been granted access to: privilege checks are not applied correctly when a table function is used to reach the data (improper privilege management). It is an information disclosure flaw, not code execution, and it needs valid database credentials. Affects IBM Db2 for Linux, UNIX and Windows versions 9.7, 10.1, 10.5, 11.1, and 11.5.

💻 Affected Systems

Products:
  • IBM Db2
Versions: 9.7, 10.1, 10.5, 11.1, 11.5
Operating Systems: Linux, UNIX, Windows
Default Config Vulnerable: ⚠️ Yes
Notes: The flaw is in the server's privilege check, not in a tunable setting, so every unpatched install on the listed versions is affected; exposure is widest where table functions are executable by PUBLIC or by broadly used roles

📦 What is this software?

IBM Db2 is IBM's relational database management system. The affected product line is Db2 for Linux, UNIX and Windows (Db2 LUW), the server edition run on those platforms; its access-control model (GRANT/REVOKE on tables and routines, roles, PUBLIC) is what this flaw bypasses.

⚠️ Risk & Real-World Impact

🔴 Worst Case

A low-privilege but authenticated account reads tables holding customer data, financial records or intellectual property that were never granted to it, with nothing in the catalog's GRANT/REVOKE state to show for it

🟠 Likely Case

Partial data exposure: an existing database user who can execute table functions reads rows from tables outside their own grants

🟢 If Mitigated

Once the fix pack is applied, table-level grants are enforced as intended; until then, restricting EXECUTE on table functions and keeping accounts to least privilege limits who can reach the flaw

🌐 Internet-Facing: MEDIUM - Requires a valid database login, but a Db2 listener reachable from untrusted networks turns any leaked credential into read access beyond that account's grants
🏢 Internal Only: HIGH - Any authenticated user can use table functions to read tables they were never granted; the effect is information disclosure rather than a change of privileges, so it leaves no new GRANT behind

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires authenticated database access and knowledge of table function usage

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: The fix pack or special build that the IBM advisory lists for your release line (9.7, 10.1, 10.5, 11.1 or 11.5); the fixed level differs per line

Vendor Advisory: https://www.ibm.com/support/pages/node/6597993

Restart Required: Yes

Instructions:

1. Look up your release line and current fix pack (db2level) in the IBM advisory and note the fixed level for that line.
2. Download the matching fix pack or special build from IBM Fix Central.
3. Stop the instance (db2stop), install the fix pack following IBM's fix pack installation steps, then start it again (db2start).
4. Run db2level again and confirm the reported level is at or above the fixed level.

🔧 Temporary Workarounds

Restrict table function privileges

Applies to: all

Review who holds EXECUTE on table functions (SYSCAT.ROUTINEAUTH joined to SYSCAT.ROUTINES where FUNCTIONTYPE = 'T') and revoke it from PUBLIC and from any user, group or role that does not need it:

REVOKE EXECUTE ON FUNCTION function_name FROM user_or_role RESTRICT

Implement strict access controls

Applies to: all

Enforce the principle of least privilege for all database users: roles carrying only the table and routine privileges each application needs, no per-user grants that outlive their purpose, and nothing granted to PUBLIC beyond what the product installs by default
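
A script to enumerate the EXECUTE grants the workaround targets and turn them into REVOKE statements for review, as an added example (not from the IBM advisory or from Db2 itself). It assumes the standard SYSCAT.ROUTINES and SYSCAT.ROUTINEAUTH catalog views and the whitespace-separated layout that `db2 -x` prints; the schemas, function names and grantees in the sample rows are constructed.

```shell
#!/bin/sh
# Added example: list EXECUTE grants on user table functions and generate the
# matching REVOKE statements for review. Assumes the SYSCAT.ROUTINES and
# SYSCAT.ROUTINEAUTH catalog views; the sample rows below are constructed.

# Catalog query to run with the Db2 CLP (-x drops the column headers, so each
# output line is: schema routinename specificname grantee granteetype):
#   db2 connect to SAMPLE
#   db2 -x "$LIST_TABLE_FUNC_GRANTS" > grants.txt
LIST_TABLE_FUNC_GRANTS="
SELECT r.ROUTINESCHEMA, r.ROUTINENAME, r.SPECIFICNAME, a.GRANTEE, a.GRANTEETYPE
  FROM SYSCAT.ROUTINES r
  JOIN SYSCAT.ROUTINEAUTH a
    ON a.SCHEMA = r.ROUTINESCHEMA AND a.SPECIFICNAME = r.SPECIFICNAME
 WHERE r.ROUTINETYPE = 'F'                 -- functions
   AND r.FUNCTIONTYPE = 'T'                -- table functions only
   AND a.EXECUTEAUTH IN ('Y', 'G')         -- EXECUTE held, with or without GRANT OPTION
   AND r.ROUTINESCHEMA NOT LIKE 'SYS%'     -- leave IBM-supplied routines alone
 ORDER BY 1, 2, 4"

# gen_revokes ALLOWLIST: read query rows on stdin and print one REVOKE per row
# whose grantee is not in ALLOWLIST (space-separated grantee names to keep).
# PUBLIC is stored in the catalog as a group (GRANTEETYPE 'G') named PUBLIC.
gen_revokes() {
  allow=" $1 "
  while read -r schema name specific grantee gtype; do
    [ -z "$schema" ] && continue
    case "$allow" in *" $grantee "*) continue ;; esac
    case "$gtype" in
      U) who="USER $grantee" ;;
      R) who="ROLE $grantee" ;;
      G) [ "$grantee" = "PUBLIC" ] && who="PUBLIC" || who="GROUP $grantee" ;;
      *) continue ;;
    esac
    # SPECIFIC FUNCTION names exactly one routine even when the name is
    # overloaded; RESTRICT is part of the REVOKE (routine privileges) syntax.
    printf 'REVOKE EXECUTE ON SPECIFIC FUNCTION %s.%s FROM %s RESTRICT;\n' \
      "$schema" "$specific" "$who"
  done
}

# Constructed rows in the shape db2 -x prints for the query above.
SAMPLE_GRANTS='HR   EMP_DETAILS  SQL220301123456  PUBLIC     G
HR   EMP_DETAILS  SQL220301123456  HRAPP      U
FIN  LEDGER_ROWS  SQL220301123457  REPORTING  R
FIN  LEDGER_ROWS  SQL220301123457  ANALYSTS   G'

# Keep HRAPP, revoke everyone else; review the output, then run it with db2 -tvf.
printf '%s\n' "$SAMPLE_GRANTS" | gen_revokes "HRAPP"
```

Review the generated statements before running them: a table function that a view or trigger depends on will be rejected under RESTRICT, which is the right outcome, since that dependency is exactly the kind of indirect access path worth looking at by hand.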

🧯 If You Can't Patch

  • Segment the network so Db2 listeners (port 50000 by default) are reachable only from application hosts and administrative jump hosts, not from general user networks
  • Turn on auditing that covers the EXECUTE category (CREATE AUDIT POLICY tf_audit CATEGORIES EXECUTE STATUS BOTH ERROR TYPE NORMAL, then AUDIT DATABASE USING POLICY tf_audit) and review statements that invoke table functions from accounts that hold no privilege on the underlying tables

🔍 How to Verify

Check if Vulnerable:

Run db2level and compare the reported version and fix pack with the fixed level the IBM advisory gives for your release line; every 9.7, 10.1, 10.5, 11.1 and 11.5 install below that level is affected

Check Version:

db2level

Verify Fix Applied:

db2level must report a level at or above the advisory's fixed level for your line. Independently, confirm that EXECUTE on table functions is held only by intended grantees (query SYSCAT.ROUTINEAUTH) and that a test account without privileges on a table can no longer read it through a table function
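
The version check above as a script, added here as an example that is not IBM tooling: it parses the version token out of db2level output and compares it with the fixed level you read from the advisory for your line. The threshold 11.5.7.0 on the usage line is a placeholder, not the real fixed level, and the db2level text is constructed to match the command's layout.

```shell
#!/bin/sh
# Added example: extract the Db2 version from db2level output and compare it
# with the minimum fixed level for your release line, taken from the IBM
# advisory. The threshold is an input; no fixed level is hard-coded here.

# db2_version_from_level: print the dotted version from the "DB2 vN.N.N.N"
# token of db2level output read on stdin, e.g. 11.5.4.0.
db2_version_from_level() {
  sed -n 's/.*Informational tokens are "DB2 v\([0-9][0-9.]*\)".*/\1/p' | head -n 1
}

# version_ge A B: succeed if dotted version A >= B, comparing field by field
# and treating missing trailing fields as 0 (so 11.5 == 11.5.0.0).
version_ge() {
  a="$1."; b="$2."
  while [ -n "$a" ] || [ -n "$b" ]; do
    x=${a%%.*}; y=${b%%.*}
    a=${a#*.}; b=${b#*.}
    x=${x:-0}; y=${y:-0}
    [ "$x" -gt "$y" ] && return 0
    [ "$x" -lt "$y" ] && return 1
  done
  return 0
}

# check_db2_level MIN_FIXED: read db2level output on stdin, print the
# installed version with PATCHED or VULNERABLE, and succeed only when patched.
check_db2_level() {
  v=$(db2_version_from_level)
  if [ -z "$v" ]; then
    echo "could not parse db2level output" >&2
    return 2
  fi
  if version_ge "$v" "$1"; then
    echo "$v PATCHED (>= $1)"
    return 0
  fi
  echo "$v VULNERABLE (< $1)"
  return 1
}

# Constructed db2level output in the layout the real command prints.
SAMPLE_DB2LEVEL='DB21085I  This instance or install (instance name, where applicable: "db2inst1") uses "64" bits and DB2 code release "SQL11054" with level identifier "0605010F".
Informational tokens are "DB2 v11.5.4.0", "s2006161200", "DYN2006161200AMD64", and Fix Pack "0".
Product is installed at "/opt/ibm/db2/V11.5".'

# On a live host: db2level | check_db2_level <fixed level from the advisory>
# 11.5.7.0 below is a placeholder threshold, not the advisory's value.
printf '%s\n' "$SAMPLE_DB2LEVEL" | check_db2_level 11.5.7.0 || echo "action: apply the fix pack for this line"
```

Run it per instance, not per host: db2level reports the code level of the install the current instance owner's environment points at, and a server with several instances can have several installs.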

📡 Detection & Monitoring

Log Indicators:

  • EXECUTE-category audit records in which an account invokes a table function (FROM TABLE(...)) over a table it holds no privilege on
  • A low-privilege account reading, through table functions, far more tables or rows than its grants would allow

Network Indicators:

  • Unusual query volume or new statement patterns from an authenticated user toward the Db2 listener

SIEM Query:

source="db2_audit" AND category="EXECUTE" AND statement_text LIKE "%TABLE(%" AND authid NOT IN authorized_table_function_users
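
The SIEM query above in runnable form, added as an example that is not part of this page or of Db2: it scans db2audit-extracted text records (key=value fields separated by semicolons), keeps EXECUTE and CONTEXT records whose statement text invokes a table function, and drops accounts on an allowlist. The records are constructed and their field set is abbreviated; the db2audit extract invocation in the comment is assumed and should be checked against your version's documentation.

```shell
#!/bin/sh
# Added example: flag table-function invocations by accounts outside an
# allowlist in db2audit extract text output. Record format assumed to be
# "key=value;key=value;...;" with authid, category and statement text fields.

# flag_table_function_calls ALLOWLIST: read audit records on stdin and print
# "AUTHID -> statement" for EXECUTE/CONTEXT records that reference a table
# function (TABLE(...)) and whose AUTHID is not in the space-separated ALLOWLIST.
flag_table_function_calls() {
  awk -v allow=" $1 " '
  {
    authid = ""; text = ""; cat = ""
    n = split($0, f, ";")   # a ";" inside the SQL text truncates it; fine for triage
    for (i = 1; i <= n; i++) {
      eq = index(f[i], "=")
      if (eq == 0) continue
      k = substr(f[i], 1, eq - 1); v = substr(f[i], eq + 1)
      if (k == "authid")                             authid = v
      else if (k == "category")                      cat = v
      else if (k == "statement text" || k == "text") text = v
    }
    if (cat != "EXECUTE" && cat != "CONTEXT") next  # only statement-bearing records
    if (toupper(text) !~ /TABLE *\(/) next          # table function reference
    if (index(allow, " " authid " ") > 0) next      # expected consumers
    print authid " -> " text
  }'
}

# Constructed records in the db2audit extract text layout (fields abbreviated).
SAMPLE_AUDIT='timestamp=2022-03-01-10.15.02.000001;category=EXECUTE;audit event=STATEMENT;database=SAMPLE;userid=hrapp;authid=HRAPP;statement text=SELECT * FROM TABLE(HR.EMP_DETAILS(1001)) AS T;
timestamp=2022-03-01-10.16.45.000002;category=EXECUTE;audit event=STATEMENT;database=SAMPLE;userid=jdoe;authid=JDOE;statement text=SELECT * FROM TABLE(FIN.LEDGER_ROWS(2021)) AS T;
timestamp=2022-03-01-10.17.10.000003;category=EXECUTE;audit event=STATEMENT;database=SAMPLE;userid=jdoe;authid=JDOE;statement text=SELECT COUNT(*) FROM HR.PUBLIC_HOLIDAYS;
timestamp=2022-03-01-10.18.00.000004;category=CHECKING;audit event=CHECKING_OBJECT;database=SAMPLE;userid=jdoe;authid=JDOE;object name=LEDGER_ROWS;'

# On a real host (command syntax assumed; verify for your version):
#   db2audit extract file audit.txt category execute from files db2audit.db.SAMPLE.log.0
#   flag_table_function_calls "HRAPP REPORTING" < audit.txt
printf '%s\n' "$SAMPLE_AUDIT" | flag_table_function_calls "HRAPP"
```

Build the allowlist from the accounts that legitimately hold EXECUTE on the table functions (the SYSCAT.ROUTINEAUTH query in the workaround section gives the list), so that anything this prints is either a missing grant review or someone using the flaw.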

🔗 References

  • IBM Security Bulletin: https://www.ibm.com/support/pages/node/6597993
  • NVD entry: https://nvd.nist.gov/vuln/detail/CVE-2022-22390