Home

Description

IBM Db2 10.5.0 through 10.5.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux could allow an authenticated user to regain access after account lockout due to password use after expiration date.

PUBLISHED Reserved 2025-04-15 | Published 2025-11-07 | Updated 2025-11-07 | Assigner ibm




MEDIUM: 6.3CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Problem types

CWE-324 Use of a Key Past its Expiration Date

Product status

Default status
unaffected

10.5.0 (semver)
affected

11.1.0 (semver)
affected

11.5.0 (semver)
affected

12.1.0 (semver)
affected

References

www.ibm.com/support/pages/node/7250469 vendor-advisory patch

cve.org (CVE-2025-33012)

nvd.nist.gov (CVE-2025-33012)

Download JSON