Friday, October 9, 2020

Security Bulletin: IBM® Db2® is vulnerable to an information disclosure and denial of service (CVE-2020-4414)

Oct 9, 2020 8:00 pm EDT

Categorized: Medium Severity

Share this post:

IBM® Db2® could allow a local attacker to perform unauthorized actions on the system, caused by improper usage of shared memory. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service.

Affected product(s) and affected version(s):

All fix pack levels of IBM Db2 V9.7, V10.1, V10.5, V11.1, and V11.5 editions on all platforms are affected.

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6242356



from IBM Product Security Incident Response Team https://ift.tt/34GfdOa

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.