IBM Db2 improper account lockout_CVE-2025-33012

6.3 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Description

IBM Db2 10.5.0 through 10.5.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux could allow an authenticated user to regain access after account lockout due to password use after expiration date.

Basic Information

ID CVE-2025-33012

Source ibm

Published Nov 7, 2025 at 18:38

Modified Nov 7, 2025 at 18:56

Affected Product

Vendor IBM

Product Db2

Version 10.5.0

Affected Versions IBM Db2 10.5.0
IBM Db2 11.1.0
IBM Db2 11.5.0
IBM Db2 12.1.0

CWE Classification

CWE-324

References

www.ibm.com /support/pages/node/7250469

{
    "lastseen": "",
    "description": "IBM Db2 10.5.0 through 10.5.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux could allow an authenticated user to regain access after account lockout due to password use after expiration date.",
    "published": "2025-11-07T18:38:29.123Z",
    "modified": "2025-11-07T18:56:16.588Z",
    "type": "cve",
    "title": "IBM Db2 improper account lockout",
    "source": "ibm",
    "references": "https://www.ibm.com/support/pages/node/7250469",
    "id": "CVE-2025-33012",
    "bulletinFamily": "",
    "cwe": [
        "CWE-324"
    ],
    "cvelist": null,
    "sourceData": "IBM Db2 10.5.0\nIBM Db2 11.1.0\nIBM Db2 11.5.0\nIBM Db2 12.1.0",
    "sourceHref": "",
    "cvss": {
        "score": 6.3,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Db2",
    "version": "10.5.0",
    "vendor": "IBM",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}