Tuesday, February 18, 2020

Security Bulletin: IBM® Db2® is vulnerable to privilege escalation (CVE-2020-4230).

Feb 18, 2020 7:00 pm EST

Categorized: Medium Severity

Share this post:

IBM Db2 is vulnerable to a priviledge escalation. An authenticated local attacker with special permissions can execute specially crafted Db2 commands to modify the owner of stored procedures to SYSIBM, causing a privilege escalation.

Affected product(s) and affected version(s):

All fix pack levels of IBM Db2 V11.1 and V11.5 editions on all platforms are affected.

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/2878809



from IBM Product Security Incident Response Team https://ift.tt/3bPdOHJ

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.