{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-05T17:08:53.802","vulnerabilities":[{"cve":{"id":"CVE-2018-1426","sourceIdentifier":"psirt@us.ibm.com","published":"2018-03-22T12:29:00.563","lastModified":"2024-11-21T03:59:47.843","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"IBM GSKit (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1) duplicates the PRNG state across fork() system calls when multiple ICC instances are loaded which could result in duplicate Session IDs and a risk of duplicate key material. IBM X-Force ID: 139071."},{"lang":"es","value":"IBM GSKit (IBM DB2 para Linux, UNIX y Windows 9.7, 10.1, 10.5 y 11.1) duplica el estado PRNG a lo largo de las llamadas de sistema fork() cuando se cargan múltiples instancias ICC. Esto podría resultar en ID de sesión duplicados y en el riesgo de que se duplique material clave. IBM X-Force ID: 139071."}],"metrics":{"cvssMetricV30":[{"source":"psirt@us.ibm.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":5.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.2}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:N","baseScore":6.4,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-335"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:db2:9.7:*:*:*:*:*:*:*","matchCriteriaId":"CE1C4DE6-EB32-4A31-9FAA-D8DA31D8CF05"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:db2:10.1:*:*:*:*:*:*:*","matchCriteriaId":"2952EB24-A015-4EC7-85E3-88588D0AB15B"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:db2:10.5:*:*:*:*:*:*:*","matchCriteriaId":"6E232F83-BE4C-4B3E-A5B1-53F9D95F0368"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:db2:11.1:*:*:*:*:*:*:*","matchCriteriaId":"0DC3F2DB-9AE2-4B11-A838-167E857D831D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","matchCriteriaId":"155AD4FB-E527-4103-BCEF-801B653DEA37"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:db2:9.7:*:*:*:*:*:*:*","matchCriteriaId":"CE1C4DE6-EB32-4A31-9FAA-D8DA31D8CF05"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:db2:10.1:*:*:*:*:*:*:*","matchCriteriaId":"2952EB24-A015-4EC7-85E3-88588D0AB15B"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:db2:10.5:*:*:*:*:*:*:*","matchCriteriaId":"6E232F83-BE4C-4B3E-A5B1-53F9D95F0368"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:db2:11.1:*:*:*:*:*:*:*","matchCriteriaId":"0DC3F2DB-9AE2-4B11-A838-167E857D831D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"http://www.ibm.com/support/docview.wss?uid=swg22013756","source":"psirt@us.ibm.com","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/105580","source":"psirt@us.ibm.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1041012","source":"psirt@us.ibm.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/139071","source":"psirt@us.ibm.com","tags":["VDB Entry","Vendor Advisory"]},{"url":"http://www.ibm.com/support/docview.wss?uid=swg22013756","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/105580","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1041012","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/139071","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["VDB Entry","Vendor Advisory"]}]}}]}