AuditPro Enterprise™

©Network Intelligence India

http://www.niiconsulting.com

Time: 12:57:44
System: DB2
Hostname: 192.168.0.30

Legend

Symbol	Description
	This represents the highest possible risk level. Such a vulnerability will in all likelihood allow an attacker partial or complete access to the system. These vulnerabilities must be addressed immediately by either patching the system, or changing the configuration.
	This represents a medium risk vulnerability. Such a vulnerability would typically allow an attacker a limited level of access to the system, but this would not usually be a super user or administrative level of access. These vulnerabilities must be addressed in the short term.
	This represents a low vulnerability. It may not necessarily result in a system compromise by itself. But in conjunction with other medium or high risk vulnerabilities it may allow an attacker considerable access to the system. Such vulnerabilities must be addressed in the short to medium term.
	This sign represents adherence to the security policy. Usually, this is the case if no violations have been found.
	This represents a finding for which no policy match could be found, or it is purely for information purposes. It does not represent a vulnerability. Normally, no action needs to be taken in such cases
WVS	The Weighted Vulnerability Score (WVS) is calculated using the formula: (Low x 1) + (Medium x 2) + (High x 3)

DB2 VULNERABILITY DETAILS

     1. DB2 verison installed & missing fixpacks
     2. Audit Buffer Size
     3. Authentication Type
     4. Authorization granted to public
     5. Create Not Fenced privilege
     6. Permissions granted to public on tables
     7. Permissions on system catlogs
     8. Permissions grantable
     9. Permissions granted to user on the instance
     10. Permission granted to user on indexes
     11. Permission granted to user on tables

Percentage severity distribution

Weighted score for each probe

DB2 VULNERABILITY DETAILS

Check : DB2 verison installed & missing fixpacks

Description:
IBM releases FixPaks on a regular basis that provide various fixes including security fixes. Staying up to date on the latest FixPak minimizes your risk of being vulnerable to buffer overflows and other attacks.Because DB2 UDB FixPaks are cumulative, you do not need to install previous FixPaks. Each FixPak includes all fixes from previously released FixPaks, and can be applied to an original installation or to one where previous FixPaks have been applied.vulnerable to buffer overflows and other attacks.

CVE Reference No.:

Severity	VERSIONNUMBER
	8020000

Solution:
You should install the latest FixPak. FixPaks are cumulative, so you will not need to apply previous FixPaks.

If you are running DB2 8.1 or 8.2, you should install FixPak 15. This FixPak can be downloaded from
http://www-306.ibm.com/software/data/db2/udb/support/downloadv8.html

If you are running DB2 7.2, you should install FixPak 14. This FixPak can be downloaded from
http://www-306.ibm.com/software/data/db2/udb/support/downloadv7.html

If you are running DB2 7.1, you should install FixPak 3 to migrate to DB2 7.2. After migrating to V7.2, you should install FixPak 14. These FixPaks can be downloaded from
http://www-306.ibm.com/software/data/db2/udb/support/downloadv7.html

If you are running DB2 6.x, you should upgrade to 7.2 or 8.1.

If a vulnerability on your server was discovered for this check and the details of the vulnerability include ("VERSION IS VULNERABLE=COULD NOT ACCURATELY DETERMINE IF FIXPAK IS APPLIED)", you should manually verify the fixpak value.

Check : DB2 verison installed & missing fixpacks

Description:
The first column is DBMCONFIG_TYPE. The row with a value of 0 in this column contains the parameter values that are stored on disk, and the row with a value of 1 in this column contains the current parameter values stored in memory.

CVE Reference No.:

Severity	DBMCONFIG_TYPE	AUDIT_BUF_SZ
	1	0

Solution:
It is recommended to have the value of AUDIT_UF_SZ > 0. Implies command logging should be enabled.If you are not using auditing then the default value of 0 is perfect. If you do turn auditing on then change this to a non 0 value so that audit records are buffered and written to disk asynchronously. A value of 0 with auditing turned on means DB2 will do a synchronous write of every audit record to disk (no buffering).

To set or update this configuration paramater use the following command
UPDATE DBM CFG USING AUIT_BUF_SZ < value here>

Check : Authentication Type

Description:
The authentication type of DB2 can be configured using the database manager configuration file. Use of the authentication type SERVER is not recommended since the authentication credentials are sent over the network in clear text.

CVE Reference No.:

Severity	DBMCONFIG_TYPE	AUTHENTICATION
	1	0

Solution:
You should configure the instance to use the SERVER_ENCRYPT authentication type so that authentication credentials are not sent across the network in the clear. You can update the authentication method for the instance using the Command Center or the Command Line Processor. Below are the commands to update the configuration:

UPDATE DBM CFG USING AUTHENTICATION SERVER_ENCRYPT.

For the changes to take effect, the instance must be stopped and started as follows:
db2stop
db2start.

You can also modify the AUTHENTICATION configuration parameter using the Control Center as follows:
1. Open up the DB2 Control Center.
2. Find the instance whose configuration is to be modified and select it.
3. Choose the "Selected/Configure" menu item.
4. Choose the "Administration" tab.
5. Select the "Authentication" value.
6. Under the "Value" section, set the new value.
7. Choose OK.
8. Restart the server.
You must be a member of the SYSADM group for the instance to make updates to the database manager configuration file.

Check : Authorization granted to public

Description:
Public is a built-in group that includes all users in the database. A database user does not need to be granted the public group and the public group can not be revoked from a user. When permission is granted to the public group, the permission is effectively granted to all users in the database.Instead of granting permissions to the public group, define groups specifically for the database and grant the groups to the users that require those permissions.IBM DB2 by default, includes many permissions granted to the public group. After generating a list of the permissions granted to public, you should review each permission and determine if the grant is necessary. Most default permissions granted to public are on system tables and system stored procedures. The extraneous permissions are not needed and as such should be removed.
NOTE: If you remove public permissions, some features of third-party applications -- or even built-in features of IBM DB2 -- may break. While this level of security is desirable, it's often inappropriate. In most scenarios, AppSecInc does not recommend disabling public permissions from system objects without thoroughly testing your application.

CVE Reference No.:

Severity	GRANTOR	GRANTEE	GRANTEETYPE	CREATETABAUTH	BINDADDAUTH	CONNECTAUTH	IMPLSCHEMAAUTH
	SYSIBM	PUBLIC	G	Y	Y	Y	Y

Solution:
Revoke permissions from the public group. Grant permissions only to those specific groups that require them.

To revoke a permission from the public group, use the following command:
REVOKE [permission] ON [object] FROM public

To grant a permission to a specific group that requires the permission, use the following command:
GRANT [permission] ON [object] TO [group name]

Check : Create Not Fenced privilege

Description:
In DB2 UDB, stored procedures can be run as either a 'FENCED' procedure or as 'NOT FENCED' procedure. A NOT FENCED stored procedure runs in the same address space as the database, resulting in increased performance. A FENCED procedure runs in a special DB2 UDB process. The CREATE NOT FENCED privilege allows logins to create stored procedures that run in the address space of the database. These stored procedures can execute malicious code under the privileges of the database manager.

CVE Reference No.:

Severity	GRANTOR	GRANTEE	GRANTEETYPE	NOFENCEAUTH
	SYSIBM	TAUFIK	U	Y
	SYSIBM	PUBLIC	G	N

Solution:
To revoke the CREATE NOT FENCED privilege, use one of the following commands:

For PUBLIC:
REVOKE CREATE_NOT_FENCED ON DATABASE FROM PUBLIC

For a login:
REVOKE CREATE_NOT_FENCED ON DATABASE FROM USER [login]

For a group:
REVOKE CREATE_NOT_FENCED ON DATABASE FROM GROUP [group]

Check : Permissions granted to public on tables

Description:
Public is a special group that includes all users in the database. When a permission is granted to the public group, the permission is effectively given to all users in the database. Granting permissions to public is typically inappropriate. Instead permissions should be granted to groups defined specifically for the database and the group granted to the users that require those permissions

CVE Reference No.:

Severity	GRANTOR	GRANTEE	GRANTEETYPE	CONTROLAUTH	ALTERAUTH	DELETEAUTH	SELECTAUTH	UPDATEAUTH
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	TAUFIK	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	N
	SYSIBM	PUBLIC	G	N	N	N	Y	Y
	SYSIBM	PUBLIC	G	N	N	N	Y	Y
	SYSIBM	PUBLIC	G	N	N	N	Y	Y
	SYSIBM	PUBLIC	G	N	N	N	Y	Y
	SYSIBM	PUBLIC	G	N	N	N	Y	Y
	SYSIBM	PUBLIC	G	N	N	N	Y	Y
	SYSIBM	PUBLIC	G	N	N	N	Y	Y
	SYSIBM	PUBLIC	G	N	N	N	Y	Y
	SYSIBM	PUBLIC	G	N	N	N	Y	Y
	SYSIBM	PUBLIC	G	N	N	N	Y	Y
	TAUFIK	PUBLIC	G	N	N	Y	Y	Y
	TAUFIK	PUBLIC	G	N	N	Y	G	Y
	TAUFIK	PUBLIC	G	N	N	N	Y	N
	TAUFIK	PUBLIC	G	N	N	Y	Y	Y
	TAUFIK	PUBLIC	G	N	N	N	Y	N
	TAUFIK	PUBLIC	G	N	N	Y	Y	Y
	TAUFIK	PUBLIC	G	N	N	N	Y	N
	TAUFIK	PUBLIC	G	N	N	N	Y	N
	TAUFIK	PUBLIC	G	N	N	Y	Y	Y
	TAUFIK	PUBLIC	G	N	N	N	Y	N
	TAUFIK	PUBLIC	G	N	N	N	Y	N
	TAUFIK	PUBLIC	G	N	N	Y	Y	Y
	TAUFIK	PUBLIC	G	N	N	N	Y	N
	TAUFIK	PUBLIC	G	N	N	N	Y	N
	TAUFIK	PUBLIC	G	N	N	Y	Y	Y
	TAUFIK	PUBLIC	G	N	N	N	Y	N
	TAUFIK	PUBLIC	G	N	N	N	Y	N
	TAUFIK	PUBLIC	G	N	N	Y	Y	Y
	TAUFIK	PUBLIC	G	N	N	N	Y	N
	TAUFIK	PUBLIC	G	N	N	N	Y	N
	TAUFIK	PUBLIC	G	N	N	Y	Y	Y
	TAUFIK	PUBLIC	G	N	N	N	Y	N
	TAUFIK	PUBLIC	G	N	N	N	Y	N
	TAUFIK	PUBLIC	G	N	N	Y	Y	Y
	TAUFIK	PUBLIC	G	N	N	N	Y	N
	TAUFIK	PUBLIC	G	N	N	N	Y	N
	TAUFIK	PUBLIC	G	N	N	Y	Y	Y
	TAUFIK	PUBLIC	G	N	N	N	Y	N
	TAUFIK	PUBLIC	G	N	N	N	Y	N
	TAUFIK	PUBLIC	G	N	N	Y	Y	Y
	TAUFIK	PUBLIC	G	N	N	N	Y	N
	TAUFIK	PUBLIC	G	N	N	N	Y	N
	TAUFIK	PUBLIC	G	N	N	Y	Y	Y
	TAUFIK	PUBLIC	G	N	N	N	Y	N
	TAUFIK	PUBLIC	G	N	N	N	Y	N
	TAUFIK	PUBLIC	G	N	N	Y	Y	Y
	TAUFIK	PUBLIC	G	N	N	N	Y	N
	TAUFIK	PUBLIC	G	N	N	N	Y	N
	TAUFIK	PUBLIC	G	N	N	Y	Y	Y
	TAUFIK	PUBLIC	G	N	N	N	Y	N
	TAUFIK	PUBLIC	G	N	N	N	Y	N
	TAUFIK	PUBLIC	G	N	N	Y	Y	Y
	TAUFIK	PUBLIC	G	N	N	N	Y	N
	TAUFIK	PUBLIC	G	N	N	N	Y	N
	TAUFIK	PUBLIC	G	N	N	Y	Y	Y
	TAUFIK	PUBLIC	G	N	N	N	Y	N
	TAUFIK	PUBLIC	G	N	N	N	Y	N
	TAUFIK	PUBLIC	G	N	N	Y	Y	Y
	TAUFIK	PUBLIC	G	N	N	N	Y	N
	TAUFIK	PUBLIC	G	N	N	N	Y	N
	TAUFIK	PUBLIC	G	N	N	Y	Y	Y
	TAUFIK	PUBLIC	G	N	N	N	Y	N
	TAUFIK	PUBLIC	G	N	N	N	Y	N
	TAUFIK	PUBLIC	G	N	N	Y	Y	Y
	TAUFIK	PUBLIC	G	N	N	N	Y	N
	TAUFIK	PUBLIC	G	N	N	Y	Y	Y
	TAUFIK	PUBLIC	G	N	N	N	Y	N
	TAUFIK	PUBLIC	G	N	N	Y	Y	Y
	TAUFIK	PUBLIC	G	N	N	Y	Y	Y
	TAUFIK	PUBLIC	G	N	N	N	Y	N
	TAUFIK	PUBLIC	G	N	N	N	Y	N
	TAUFIK	PUBLIC	G	N	N	Y	Y	Y
	TAUFIK	PUBLIC	G	N	N	Y	Y	Y
	TAUFIK	PUBLIC	G	N	N	N	Y	N
	TAUFIK	PUBLIC	G	N	N	Y	Y	Y
	TAUFIK	PUBLIC	G	N	N	N	Y	N
	TAUFIK	PUBLIC	G	N	N	Y	Y	Y
	TAUFIK	PUBLIC	G	N	N	N	Y	N
	TAUFIK	PUBLIC	G	N	N	Y	Y	Y
	TAUFIK	PUBLIC	G	N	N	N	Y	N

Check : Permissions on system catlogs

Description:
Care should be taken when granting permissions on the system catalog. If a would-be hacker gains access to an IBM DB2 database via an account that has been granted permissions on the system catalog, that hacker may able to view, modify or destroy the system values.The system catalog contains information such as Existing Tables, Existing Accounts, Permissions, Functions, Wrappers and much more. Invalid modification of these tables may result in serious damage to your IBM DB2 system or the creation of holes in which a hacker can easily regain access at any time he or she desires.

CVE Reference No.:

SYSIBM

PUBLIC

SYSIBM

SYSATTRIBUTES

SYSIBM

PUBLIC

SYSIBM

SYSBUFFERPOOLNODES

SYSIBM

PUBLIC

SYSIBM

SYSBUFFERPOOLS

SYSIBM

PUBLIC

SYSIBM

SYSCHECKS

SYSIBM

PUBLIC

SYSIBM

SYSCODEPROPERTIES

SYSIBM

PUBLIC

SYSIBM

SYSCOLAUTH

SYSIBM

PUBLIC

SYSIBM

SYSCOLCHECKS

SYSIBM

PUBLIC

SYSIBM

SYSCOLDIST

SYSIBM

PUBLIC

SYSIBM

SYSCOLGROUPDIST

SYSIBM

PUBLIC

SYSIBM

SYSCOLGROUPDISTCOUNTS

SYSIBM

PUBLIC

SYSIBM

SYSCOLGROUPS

SYSIBM

PUBLIC

SYSIBM

SYSCOLGROUPSCOLS

SYSIBM

PUBLIC

SYSIBM

SYSCOLOPTIONS

SYSIBM

PUBLIC

SYSIBM

SYSCOLPROPERTIES

SYSIBM

PUBLIC

SYSIBM

SYSCOLUMNS

SYSIBM

PUBLIC

SYSIBM

SYSCOLUSE

SYSIBM

PUBLIC

SYSIBM

SYSCOMMENTS

SYSIBM

PUBLIC

SYSIBM

SYSCONSTDEP

SYSIBM

PUBLIC

SYSIBM

SYSDATATYPES

SYSIBM

PUBLIC

SYSIBM

SYSDBAUTH

SYSIBM

PUBLIC

SYSIBM

SYSDEPENDENCIES

SYSIBM

PUBLIC

SYSIBM

SYSDUMMY1

TAUFIK

PUBLIC

SYSIBM

SYSDUMMY1

SYSIBM

PUBLIC

SYSIBM

SYSEVENTMONITORS

SYSIBM

PUBLIC

SYSIBM

SYSEVENTS

SYSIBM

PUBLIC

SYSIBM

SYSEVENTTABLES

SYSIBM

PUBLIC

SYSIBM

SYSFUNCMAPOPTIONS

SYSIBM

PUBLIC

SYSIBM

SYSFUNCMAPPARMOPTIONS

SYSIBM

PUBLIC

SYSIBM

SYSFUNCMAPPINGS

SYSIBM

PUBLIC

SYSIBM

SYSFUNCPARMS

SYSIBM

PUBLIC

SYSIBM

SYSFUNCTIONS

SYSIBM

PUBLIC

SYSIBM

SYSHIERARCHIES

SYSIBM

PUBLIC

SYSIBM

SYSINDEXAUTH

SYSIBM

PUBLIC

SYSIBM

SYSINDEXCOLUSE

SYSIBM

PUBLIC

SYSIBM

SYSINDEXES

SYSIBM

PUBLIC

SYSIBM

SYSINDEXEXPLOITRULES

SYSIBM

PUBLIC

SYSIBM

SYSINDEXEXTENSIONMETHODS

SYSIBM

PUBLIC

SYSIBM

SYSINDEXEXTENSIONPARMS

SYSIBM

PUBLIC

SYSIBM

SYSINDEXEXTENSIONS

SYSIBM

PUBLIC

SYSIBM

SYSINDEXOPTIONS

SYSIBM

PUBLIC

SYSIBM

SYSJARCONTENTS

SYSIBM

PUBLIC

SYSIBM

SYSJAROBJECTS

SYSIBM

PUBLIC

SYSIBM

SYSKEYCOLUSE

SYSIBM

PUBLIC

SYSIBM

SYSLIBRARIES

SYSIBM

PUBLIC

SYSIBM

SYSLIBRARYAUTH

SYSIBM

PUBLIC

SYSIBM

SYSLIBRARYBINDFILES

SYSIBM

PUBLIC

SYSIBM

SYSLIBRARYVERSIONS

SYSIBM

PUBLIC

SYSIBM

SYSNAMEMAPPINGS

SYSIBM

PUBLIC

SYSIBM

SYSNODEGROUPDEF

SYSIBM

PUBLIC

SYSIBM

SYSNODEGROUPS

SYSIBM

PUBLIC

SYSIBM

SYSPARTITIONMAPS

SYSIBM

PUBLIC

SYSIBM

SYSPASSTHRUAUTH

SYSIBM

PUBLIC

SYSIBM

SYSPLAN

SYSIBM

PUBLIC

SYSIBM

SYSPLANAUTH

SYSIBM

PUBLIC

SYSIBM

SYSPLANDEP

SYSIBM

PUBLIC

SYSIBM

SYSPREDICATESPECS

SYSIBM

PUBLIC

SYSIBM

SYSPROCEDURES

SYSIBM

PUBLIC

SYSIBM

SYSPROCOPTIONS

SYSIBM

PUBLIC

SYSIBM

SYSPROCPARMOPTIONS

SYSIBM

PUBLIC

SYSIBM

SYSPROCPARMS

SYSIBM

PUBLIC

SYSIBM

SYSRELS

SYSIBM

PUBLIC

SYSIBM

SYSREVTYPEMAPPINGS

SYSIBM

PUBLIC

SYSIBM

SYSROUTINEAUTH

SYSIBM

PUBLIC

SYSIBM

SYSROUTINEPARMS

SYSIBM

PUBLIC

SYSIBM

SYSROUTINEPROPERTIESJAVA

SYSIBM

PUBLIC

SYSIBM

SYSROUTINES

SYSIBM

PUBLIC

SYSIBM

SYSSCHEMAAUTH

SYSIBM

PUBLIC

SYSIBM

SYSSCHEMATA

SYSIBM

PUBLIC

SYSIBM

SYSSECTION

SYSIBM

PUBLIC

SYSIBM

SYSSEQUENCEAUTH

SYSIBM

PUBLIC

SYSIBM

SYSSEQUENCES

SYSIBM

PUBLIC

SYSIBM

SYSSERVEROPTIONS

SYSIBM

PUBLIC

SYSIBM

SYSSERVERS

SYSIBM

PUBLIC

SYSIBM

SYSSTMT

SYSIBM

PUBLIC

SYSIBM

SYSTABAUTH

SYSIBM

PUBLIC

SYSIBM

SYSTABCONST

SYSIBM

PUBLIC

SYSIBM

SYSTABLES

SYSIBM

PUBLIC

SYSIBM

SYSTABLESPACES

SYSIBM

PUBLIC

SYSIBM

SYSTABOPTIONS

SYSIBM

PUBLIC

SYSIBM

SYSTBSPACEAUTH

SYSIBM

PUBLIC

SYSIBM

SYSTRANSFORMS

SYSIBM

PUBLIC

SYSIBM

SYSTRIGGERS

SYSIBM

PUBLIC

SYSIBM

SYSTYPEMAPPINGS

SYSIBM

PUBLIC

SYSIBM

SYSUSERAUTH

SYSIBM

PUBLIC

SYSIBM

SYSUSEROPTIONS

SYSIBM

PUBLIC

SYSIBM

SYSVERSIONS

SYSIBM

PUBLIC

SYSIBM

SYSVIEWDEP

SYSIBM

PUBLIC

SYSIBM

SYSVIEWS

SYSIBM

PUBLIC

SYSIBM

SYSWRAPOPTIONS

SYSIBM

PUBLIC

SYSIBM

SYSWRAPPERS

SYSIBM

PUBLIC

SYSIBM

SYSXMLOBJECTAUTH

SYSIBM

PUBLIC

SYSIBM

SYSXMLOBJECTAUTHPERF

SYSIBM

PUBLIC

SYSIBM

SYSXMLOBJECTPROPERTIES

SYSIBM

PUBLIC

SYSIBM

SYSXMLOBJECTRELDEP

SYSIBM

PUBLIC

SYSIBM

SYSXMLOBJECTS

SYSIBM

PUBLIC

SYSIBM

SYSXMLOBJECTXMLDEP

SYSIBM

PUBLIC

SYSIBM

SYSXMLPHYSICALCOLLECTIONS

SYSIBM

PUBLIC

SYSIBM

SYSXMLQUERIES

SYSIBM

PUBLIC

SYSIBM

SYSXMLRELATIONSHIPS

SYSIBM

PUBLIC

SYSIBM

SYSXMLRSPROPERTIES

SYSIBM

PUBLIC

SYSIBM

SYSXMLSTATS

Solution:
To revoke permissions, use one of the following commands:
For PUBLIC:
REVOKE [privilege] ON [system catalog object] FROM PUBLIC

For a login:
REVOKE [privilege] ON [system catalog object] FROM USER [login]

For a group:
REVOKE [privilege] ON [system catalog object] FROM GROUP [group]

Check : Permissions grantable

Description:
Description: An object permissions has been granted using the WITH GRANT OPTION.An object permission granted to a user can be designated as grantable. When an object permission is grantable, a user can grant the permission to other users.Overview: Because of the powerful capabilities of grantable privileges, exercise caution when granting object permissions as grantable privileges. The ability to grant object permissions is usually reserved for a security administrator and should rarely be granted to other non-administrator users of the system. When you grant someone a grantable privilege, you lose control over which users will receive that permission.

CVE Reference No.:

SYSIBM

TAUFIK

SYSTOOLS

REL_CAT_MEMBER

SYSIBM

TAUFIK

SYSTOOLS

REL_TYPE

SYSIBM

TAUFIK

SYSTOOLS

REL_CAT

SYSIBM

TAUFIK

SYSTOOLS

REL_LINK

SYSIBM

TAUFIK

SYSTOOLS

OBJECT_TYPE

SYSIBM

TAUFIK

SYSTOOLS

ID_TABLE

SYSIBM

TAUFIK

SYSTOOLS

APPLICATIONS

SYSIBM

TAUFIK

SYSTOOLS

INDEX_PROPERTY

SYSIBM

TAUFIK

SYSTOOLS

SETTINGS

SYSIBM

TAUFIK

SYSTOOLS

REL_INSTANCE

SYSIBM

TAUFIK

SYSTOOLS

ICM_ACE_LIST

SYSIBM

TAUFIK

SYSTOOLS

OBJECT_PROPERTY

SYSIBM

TAUFIK

SYSTOOLS

ICM_ACL_DEFN

SYSIBM

TAUFIK

SYSTOOLS

REF_ID_TABLE

SYSIBM

TAUFIK

SYSTOOLS

OBJECT_INDEX

SYSIBM

TAUFIK

SYSTOOLS

ICM_ACL_DEFN_UV

SYSIBM

TAUFIK

SYSTOOLS

OBJECT_TYPE_UV

SYSIBM

TAUFIK

SYSTOOLS

REL_CAT_UV

SYSIBM

TAUFIK

SYSTOOLS

REL_TYPE_UV

SYSIBM

TAUFIK

SYSTOOLS

REL_INSTANCE_UV

SYSIBM

TAUFIK

SYSTOOLS

OBJECT_PROPERTY_UV

SYSIBM

TAUFIK

SYSTOOLS

OBJECT_INDEX_UV

SYSIBM

TAUFIK

SYSTOOLS

REL_LINK_UV

SYSIBM

TAUFIK

SYSTOOLS

REL_CAT_MEMBER_UV

TAUFIK

PUBLIC

SYSTOOLS

ICM_ACE_LIST

SYSIBM

TAUFIK

SYSTOOLS

MDTASKTYPE00

SYSIBM

TAUFIK

SYSTOOLS

MDTASKTYPE00_VV

SYSIBM

TAUFIK

SYSTOOLS

MDTASKTYPE00_RV

SYSIBM

TAUFIK

SYSTOOLS

MDTASKTYPE00_UV

SYSIBM

TAUFIK

SYSTOOLS

MDSCHEDEVENT00

SYSIBM

TAUFIK

SYSTOOLS

MDSCHEDEVENT00_VV

SYSIBM

TAUFIK

SYSTOOLS

MDSCHEDEVENT00_RV

SYSIBM

TAUFIK

SYSTOOLS

MDSCHEDEVENT00_UV

SYSIBM

TAUFIK

SYSTOOLS

MDNAMEDSCHED00

SYSIBM

TAUFIK

SYSTOOLS

MDNAMEDSCHED00_VV

SYSIBM

TAUFIK

SYSTOOLS

MDNAMEDSCHED00_RV

SYSIBM

TAUFIK

HELLO

SYSIBM

TAUFIK

SYSTOOLS

MDNAMEDSCHED00_UV

SYSIBM

TAUFIK

SYSTOOLS

MDFOLLOWONAC00

SYSIBM

TAUFIK

SYSTOOLS

MDFOLLOWONAC00_VV

SYSIBM

TAUFIK

SYSTOOLS

MDFOLLOWONAC00_RV

SYSIBM

TAUFIK

SYSTOOLS

MDFOLLOWONAC00_UV

SYSIBM

TAUFIK

SYSTOOLS

MDNOTIFICATI00

SYSIBM

TAUFIK

SYSTOOLS

MDNOTIFICATI00_VV

SYSIBM

TAUFIK

SYSTOOLS

MDNOTIFICATI00_RV

SYSIBM

TAUFIK

SYSTOOLS

MDNOTIFICATI00_UV

SYSIBM

TAUFIK

SYSTOOLS

MDTASKCATEGO00

SYSIBM

TAUFIK

SYSTOOLS

MDTASKCATEGO00_VV

SYSIBM

TAUFIK

SYSTOOLS

MDTASKCATEGO00_RV

SYSIBM

TAUFIK

SYSTOOLS

MDTASKCATEGO00_UV

SYSIBM

TAUFIK

SYSTOOLS

MDSUCCESSCOD00

SYSIBM

TAUFIK

SYSTOOLS

MDSUCCESSCOD00_VV

SYSIBM

TAUFIK

SYSTOOLS

MDSUCCESSCOD00_RV

SYSIBM

TAUFIK

SYSTOOLS

MDSUCCESSCOD00_UV

SYSIBM

TAUFIK

SYSTOOLS

MDCODECONDIT00

SYSIBM

TAUFIK

SYSTOOLS

MDCODECONDIT00_VV

SYSIBM

TAUFIK

SYSTOOLS

MDCODECONDIT00_RV

SYSIBM

TAUFIK

SYSTOOLS

MDCODECONDIT00_UV

SYSIBM

TAUFIK

SYSTOOLS

MDCONTACTNAM00

SYSIBM

TAUFIK

SYSTOOLS

MDCONTACTNAM00_VV

SYSIBM

TAUFIK

SYSTOOLS

MDCONTACTNAM00_RV

SYSIBM

TAUFIK

SYSTOOLS

MDCONTACTNAM00_UV

SYSIBM

TAUFIK

SYSTOOLS

MDCONTACTGRO00

SYSIBM

TAUFIK

SYSTOOLS

MDCONTACTGRO00_VV

SYSIBM

TAUFIK

SYSTOOLS

MDCONTACTGRO00_RV

SYSIBM

TAUFIK

SYSTOOLS

MDCONTACTGRO00_UV

SYSIBM

TAUFIK

SYSTOOLS

MDTASKEXECTY00

SYSIBM

TAUFIK

SYSTOOLS

MDTASKEXECTY00_VV

SYSIBM

TAUFIK

SYSTOOLS

MDTASKEXECTY00_RV

SYSIBM

TAUFIK

SYSTOOLS

MDTASKEXECTY00_UV

SYSIBM

TAUFIK

SYSTOOLS

MDTHISTORYTY00

SYSIBM

TAUFIK

SYSTOOLS

MDTHISTORYTY00_VV

SYSIBM

TAUFIK

SYSTOOLS

MDTHISTORYTY00_RV

SYSIBM

TAUFIK

SYSTOOLS

MDTHISTORYTY00_UV

SYSIBM

TAUFIK

SYSTOOLS

MDTRESULTTYP00

SYSIBM

TAUFIK

SYSTOOLS

MDTRESULTTYP00_VV

SYSIBM

TAUFIK

SYSTOOLS

MDTRESULTTYP00_RV

SYSIBM

TAUFIK

SYSTOOLS

MDTRESULTTYP00_UV

SYSIBM

TAUFIK

SYSTOOLS

MDTASKSNAPSH00

SYSIBM

TAUFIK

SYSTOOLS

MDTASKSNAPSH00_VV

SYSIBM

TAUFIK

SYSTOOLS

MDTASKSNAPSH00_RV

SYSIBM

TAUFIK

SYSTOOLS

MDTASKSNAPSH00_UV

SYSIBM

TAUFIK

SYSTOOLS

MDTASKSTATIS00

SYSIBM

TAUFIK

SYSTOOLS

MDTASKSTATIS00_VV

SYSIBM

TAUFIK

SYSTOOLS

MDTASKSTATIS00_RV

SYSIBM

TAUFIK

SYSTOOLS

MDTASKSTATIS00_UV

SYSIBM

TAUFIK

SYSTOOLS

STMG_DBSIZE_INFO

SYSIBM

TAUFIK

SYSTOOLS

AM_BASE_TASKS

SYSIBM

TAUFIK

SYSTOOLS

AM_BASE_TASK_RPTS

SYSIBM

TAUFIK

SYSTOOLS

AM_TASKS

SYSIBM

TAUFIK

SYSTOOLS

AM_TASK_RPTS

SYSIBM

TAUFIK

EXPLAIN_STATEMENT

SYSIBM

TAUFIK

SYSTOOLS

ALTOBJ_INFO

SYSIBM

TAUFIK

SYSTOOLS

ALTOBJ_INFO_V

SYSIBM

TAUFIK

SYSTOOLS

DB2LOOK_INFO

SYSIBM

TAUFIK

SYSTOOLS

DB2LOOK_INFO_V

SYSIBM

TAUFIK

EXPLAIN_INSTANCE

SYSIBM

TAUFIK

EMPLOYEE

SYSIBM

TAUFIK

EXPLAIN_ARGUMENT

SYSIBM

TAUFIK

EXPLAIN_OBJECT

SYSIBM

TAUFIK

EXPLAIN_OPERATOR

SYSIBM

TAUFIK

EXPLAIN_PREDICATE

SYSIBM

TAUFIK

EXPLAIN_STREAM

Solution:
To revoke grantable permissions on an object, perform the following commands:
1. Open up the DB2 Control Center.
2. Find the database containing the privilege to modify.
3. Choose the "Selected/Privileges" menu item.
4. Choose either the "User" or "Group" tab and find the login/group granted the permission.
5. Select the login/group granted the permission to modify.
6. Under the "Privileges" section, modify the privilege denoting "Grant" to either "Yes" or "No".
7. Choose OK.

Check : Permissions granted to user on the instance

Description:
A permission has been granted to a user instead of a group.Security best practices dictate that permissions should be granted to groups rather than directly to users. By using groups to manage permissions, revoking and granting permissions is less error-prone and more manageable.

CVE Reference No.:

Severity	GRANTOR	GRANTEE	GRANTEETYPE	DBADMAUTH	CREATETABAUTH	BINDADDAUTH	CONNECTAUTH	IMPLSCHEMAAUTH	LOADAUTH	EXTERNALROUTINEAUTH	QUIESCECONNECTAUTH
	SYSIBM	TAUFIK	U	Y	Y	Y	Y	Y	Y	Y	Y

Check : Permission granted to user on indexes

CVE Reference No.:

Severity	GRANTOR	GRANTEE	GRANTEETYPE	INDSCHEMA	INDNAME	CONTROLAUTH
	SYSIBM	TAUFIK	U	SYSIBM	SQL071214135428430	Y
	SYSIBM	TAUFIK	U	SYSTOOLS	REL_TYPEI	Y
	SYSIBM	TAUFIK	U	SYSIBM	SQL071214135428980	Y
	SYSIBM	TAUFIK	U	SYSTOOLS	REL_CATI	Y
	SYSIBM	TAUFIK	U	SYSIBM	SQL071214135429480	Y
	SYSIBM	TAUFIK	U	SYSIBM	SQL071214135429780	Y
	SYSIBM	TAUFIK	U	SYSTOOLS	OBJECT_TYPEI	Y
	SYSIBM	TAUFIK	U	SYSIBM	SQL071214135430170	Y
	SYSIBM	TAUFIK	U	SYSIBM	SQL071214135430430	Y
	SYSIBM	TAUFIK	U	SYSTOOLS	APPLICATIONSI	Y
	SYSIBM	TAUFIK	U	SYSIBM	SQL071214135430750	Y
	SYSIBM	TAUFIK	U	SYSIBM	SQL071214135431060	Y
	SYSIBM	TAUFIK	U	SYSIBM	SQL071214135431280	Y
	SYSIBM	TAUFIK	U	SYSIBM	SQL071214135431640	Y
	SYSIBM	TAUFIK	U	SYSTOOLS	OBJECT_PROPERTYI	Y
	SYSIBM	TAUFIK	U	SYSIBM	SQL071214135432210	Y
	SYSIBM	TAUFIK	U	SYSTOOLS	ICM_ACL_DEFNI	Y
	SYSIBM	TAUFIK	U	SYSIBM	SQL071214135432600	Y
	SYSIBM	TAUFIK	U	SYSIBM	SQL071214135432790	Y
	SYSIBM	TAUFIK	U	SYSTOOLS	OBJECT_INDEXI	Y
	SYSIBM	TAUFIK	U	SYSIBM	SQL071214135437140	Y
	SYSIBM	TAUFIK	U	SYSTOOLS	IMDTA00	Y
	SYSIBM	TAUFIK	U	SYSIBM	SQL071214135438150	Y
	SYSIBM	TAUFIK	U	SYSTOOLS	IMDSC00	Y
	SYSIBM	TAUFIK	U	SYSIBM	SQL071214135438810	Y
	SYSIBM	TAUFIK	U	SYSTOOLS	IMDNA00	Y
	SYSIBM	TAUFIK	U	SYSIBM	SQL071214135439420	Y
	SYSIBM	TAUFIK	U	SYSTOOLS	IMDFO00	Y
	SYSIBM	TAUFIK	U	SYSIBM	SQL071214135440140	Y
	SYSIBM	TAUFIK	U	SYSTOOLS	IMDNO00	Y
	SYSIBM	TAUFIK	U	SYSIBM	SQL071214135440760	Y
	SYSIBM	TAUFIK	U	SYSTOOLS	IMDTA01	Y
	SYSIBM	TAUFIK	U	SYSIBM	SQL071214135441340	Y
	SYSIBM	TAUFIK	U	SYSTOOLS	IMDSU00	Y
	SYSIBM	TAUFIK	U	SYSIBM	SQL071214135441950	Y
	SYSIBM	TAUFIK	U	SYSTOOLS	IMDCO00	Y
	SYSIBM	TAUFIK	U	SYSIBM	SQL071214135442640	Y
	SYSIBM	TAUFIK	U	SYSTOOLS	IMDCO01	Y
	SYSIBM	TAUFIK	U	SYSIBM	SQL071214135443180	Y
	SYSIBM	TAUFIK	U	SYSTOOLS	IMDCO02	Y
	SYSIBM	TAUFIK	U	SYSIBM	SQL071214135444310	Y
	SYSIBM	TAUFIK	U	SYSTOOLS	IMDTA02	Y
	SYSIBM	TAUFIK	U	SYSIBM	SQL071214135445710	Y
	SYSIBM	TAUFIK	U	SYSTOOLS	IMDTH00	Y
	SYSIBM	TAUFIK	U	SYSIBM	SQL071214135446730	Y
	SYSIBM	TAUFIK	U	SYSTOOLS	IMDTR00	Y
	SYSIBM	TAUFIK	U	SYSIBM	SQL071214135448150	Y
	SYSIBM	TAUFIK	U	SYSTOOLS	IMDTA03	Y
	SYSIBM	TAUFIK	U	SYSIBM	SQL071214135449480	Y
	SYSIBM	TAUFIK	U	SYSTOOLS	IMDTA04	Y
	SYSIBM	TAUFIK	U	SYSIBM	SQL080103131545030	Y
	SYSIBM	TAUFIK	U	SYSIBM	SQL080103131546040	Y
	SYSIBM	TAUFIK	U	SYSIBM	SQL080103133336400	Y
	SYSIBM	TAUFIK	U	SYSTOOLS	DB2LOOK_IND	Y
	SYSIBM	TAUFIK	U	SYSIBM	SQL080103135227290	Y
	SYSIBM	TAUFIK	U	SYSIBM	SQL080103135227930	Y
	SYSIBM	TAUFIK	U	TAUFIK	STMT_I1	Y
	SYSIBM	TAUFIK	U	TAUFIK	ARG_I1	Y
	SYSIBM	TAUFIK	U	TAUFIK	OBJ_I1	Y
	SYSIBM	TAUFIK	U	TAUFIK	OPR_I1	Y
	SYSIBM	TAUFIK	U	TAUFIK	PRD_I1	Y
	SYSIBM	TAUFIK	U	TAUFIK	STM_I1	Y

Check : Permission granted to user on tables

CVE Reference No.:

SYSIBM

TAUFIK

SYSTOOLS

REL_CAT_MEMBER

SYSIBM

TAUFIK

SYSTOOLS

REL_TYPE

SYSIBM

TAUFIK

SYSTOOLS

REL_CAT

SYSIBM

TAUFIK

SYSTOOLS

REL_LINK

SYSIBM

TAUFIK

SYSTOOLS

OBJECT_TYPE

SYSIBM

TAUFIK

SYSTOOLS

ID_TABLE

SYSIBM

TAUFIK

SYSTOOLS

APPLICATIONS

SYSIBM

TAUFIK

SYSTOOLS

INDEX_PROPERTY

SYSIBM

TAUFIK

SYSTOOLS

SETTINGS

SYSIBM

TAUFIK

SYSTOOLS

REL_INSTANCE

SYSIBM

TAUFIK

SYSTOOLS

ICM_ACE_LIST

SYSIBM

TAUFIK

SYSTOOLS

OBJECT_PROPERTY

SYSIBM

TAUFIK

SYSTOOLS

ICM_ACL_DEFN

SYSIBM

TAUFIK

SYSTOOLS

REF_ID_TABLE

SYSIBM

TAUFIK

SYSTOOLS

OBJECT_INDEX

SYSIBM

TAUFIK

SYSTOOLS

ICM_USER_GROUP

SYSIBM

TAUFIK

SYSTOOLS

ICM_ACL_DEFN_UV

SYSIBM

TAUFIK

SYSTOOLS

OBJECT_TYPE_UV

SYSIBM

TAUFIK

SYSTOOLS

REL_CAT_UV

SYSIBM

TAUFIK

SYSTOOLS

REL_TYPE_UV

SYSIBM

TAUFIK

SYSTOOLS

REL_INSTANCE_UV

SYSIBM

TAUFIK

SYSTOOLS

OBJECT_PROPERTY_UV

SYSIBM

TAUFIK

SYSTOOLS

OBJECT_INDEX_UV

SYSIBM

TAUFIK

SYSTOOLS

REL_LINK_UV

SYSIBM

TAUFIK

SYSTOOLS

REL_CAT_MEMBER_UV

SYSIBM

TAUFIK

SYSTOOLS

MDTASKTYPE00

SYSIBM

TAUFIK

SYSTOOLS

MDTASKTYPE00_VV

SYSIBM

TAUFIK

SYSTOOLS

MDTASKTYPE00_RV

SYSIBM

TAUFIK

SYSTOOLS

MDTASKTYPE00_UV

SYSIBM

TAUFIK

SYSTOOLS

MDSCHEDEVENT00

SYSIBM

TAUFIK

SYSTOOLS

MDSCHEDEVENT00_VV

SYSIBM

TAUFIK

SYSTOOLS

MDSCHEDEVENT00_RV

SYSIBM

TAUFIK

SYSTOOLS

MDSCHEDEVENT00_UV

SYSIBM

TAUFIK

SYSTOOLS

MDNAMEDSCHED00

SYSIBM

TAUFIK

SYSTOOLS

MDNAMEDSCHED00_VV

SYSIBM

TAUFIK

SYSTOOLS

MDNAMEDSCHED00_RV

SYSIBM

TAUFIK

HELLO

SYSIBM

TAUFIK

SYSTOOLS

MDNAMEDSCHED00_UV

SYSIBM

TAUFIK

SYSTOOLS

MDFOLLOWONAC00

SYSIBM

TAUFIK

SYSTOOLS

MDFOLLOWONAC00_VV

SYSIBM

TAUFIK

SYSTOOLS

MDFOLLOWONAC00_RV

SYSIBM

TAUFIK

SYSTOOLS

MDFOLLOWONAC00_UV

SYSIBM

TAUFIK

SYSTOOLS

MDNOTIFICATI00

SYSIBM

TAUFIK

SYSTOOLS

MDNOTIFICATI00_VV

SYSIBM

TAUFIK

SYSTOOLS

MDNOTIFICATI00_RV

SYSIBM

TAUFIK

SYSTOOLS

MDNOTIFICATI00_UV

SYSIBM

TAUFIK

SYSTOOLS

MDTASKCATEGO00

SYSIBM

TAUFIK

SYSTOOLS

MDTASKCATEGO00_VV

SYSIBM

TAUFIK

SYSTOOLS

MDTASKCATEGO00_RV

SYSIBM

TAUFIK

SYSTOOLS

MDTASKCATEGO00_UV

SYSIBM

TAUFIK

SYSTOOLS

MDSUCCESSCOD00

SYSIBM

TAUFIK

SYSTOOLS

MDSUCCESSCOD00_VV

SYSIBM

TAUFIK

SYSTOOLS

MDSUCCESSCOD00_RV

SYSIBM

TAUFIK

SYSTOOLS

MDSUCCESSCOD00_UV

SYSIBM

TAUFIK

SYSTOOLS

MDCODECONDIT00

SYSIBM

TAUFIK

SYSTOOLS

MDCODECONDIT00_VV

SYSIBM

TAUFIK

SYSTOOLS

MDCODECONDIT00_RV

SYSIBM

TAUFIK

SYSTOOLS

MDCODECONDIT00_UV

SYSIBM

TAUFIK

SYSTOOLS

MDCONTACTNAM00

SYSIBM

TAUFIK

SYSTOOLS

MDCONTACTNAM00_VV

SYSIBM

TAUFIK

SYSTOOLS

MDCONTACTNAM00_RV

SYSIBM

TAUFIK

SYSTOOLS

MDCONTACTNAM00_UV

SYSIBM

TAUFIK

SYSTOOLS

MDCONTACTGRO00

SYSIBM

TAUFIK

SYSTOOLS

MDCONTACTGRO00_VV

SYSIBM

TAUFIK

SYSTOOLS

MDCONTACTGRO00_RV

SYSIBM

TAUFIK

SYSTOOLS

MDCONTACTGRO00_UV

SYSIBM

TAUFIK

SYSTOOLS

MDTASKEXECTY00

SYSIBM

TAUFIK

SYSTOOLS

MDTASKEXECTY00_VV

SYSIBM

TAUFIK

SYSTOOLS

MDTASKEXECTY00_RV

SYSIBM

TAUFIK

SYSTOOLS

MDTASKEXECTY00_UV

SYSIBM

TAUFIK

SYSTOOLS

MDTHISTORYTY00

SYSIBM

TAUFIK

SYSTOOLS

MDTHISTORYTY00_VV

SYSIBM

TAUFIK

SYSTOOLS

MDTHISTORYTY00_RV

SYSIBM

TAUFIK

SYSTOOLS

MDTHISTORYTY00_UV

SYSIBM

TAUFIK

SYSTOOLS

MDTRESULTTYP00

SYSIBM

TAUFIK

SYSTOOLS

MDTRESULTTYP00_VV

SYSIBM

TAUFIK

SYSTOOLS

MDTRESULTTYP00_RV

SYSIBM

TAUFIK

SYSTOOLS

MDTRESULTTYP00_UV

SYSIBM

TAUFIK

SYSTOOLS

MDTASKSNAPSH00

SYSIBM

TAUFIK

SYSTOOLS

MDTASKSNAPSH00_VV

SYSIBM

TAUFIK

SYSTOOLS

MDTASKSNAPSH00_RV

SYSIBM

TAUFIK

SYSTOOLS

MDTASKSNAPSH00_UV

SYSIBM

TAUFIK

SYSTOOLS

MDTASKSTATIS00

SYSIBM

TAUFIK

SYSTOOLS

MDTASKSTATIS00_VV

SYSIBM

TAUFIK

SYSTOOLS

MDTASKSTATIS00_RV

SYSIBM

TAUFIK

SYSTOOLS

MDTASKSTATIS00_UV

SYSIBM

TAUFIK

SYSTOOLS

STMG_DBSIZE_INFO

SYSIBM

TAUFIK

SYSTOOLS

AM_BASE_TASKS

SYSIBM

TAUFIK

SYSTOOLS

AM_BASE_TASK_RPTS

SYSIBM

TAUFIK

SYSTOOLS

AM_TASKS

SYSIBM

TAUFIK

SYSTOOLS

AM_TASK_RPTS

SYSIBM

TAUFIK

EXPLAIN_STATEMENT

SYSIBM

TAUFIK

SYSTOOLS

ALTOBJ_INFO

SYSIBM

TAUFIK

SYSTOOLS

ALTOBJ_INFO_V

SYSIBM

TAUFIK

SYSTOOLS

DB2LOOK_INFO

SYSIBM

TAUFIK

SYSTOOLS

DB2LOOK_INFO_V

SYSIBM

TAUFIK

EXPLAIN_INSTANCE

SYSIBM

TAUFIK

EMPLOYEE

SYSIBM

TAUFIK

EXPLAIN_ARGUMENT

SYSIBM

TAUFIK

EXPLAIN_OBJECT

SYSIBM

TAUFIK

EXPLAIN_OPERATOR

SYSIBM

TAUFIK

EXPLAIN_PREDICATE

SYSIBM

TAUFIK

EXPLAIN_STREAM

AuditPro Enterprise™

©Network Intelligence India

http://www.niiconsulting.com

Table of Contents

DB2 VULNERABILITY DETAILS

Percentage severity distribution

Weighted score for each probe