DB2 has multiple security vulnerabilities. DB2 users should refer to the linked DB2 security bulletins to determine is remediation is required.
Refer to the security bulletin(s) listed in the Remediation/Fixes section
Affected Product(s) | Version(s) |
---|---|
IBM i2 Analyze | IBM i2 Analyze 4.3.1 |
IBM i2 Analyze | IBM i2 Analyze 4.3.0 |
IBM i2 Analyze | IBM i2 Analyze 4.3.2 |
Security Bulletin: IBM® Db2® is vulnerable to a denial of service (CVE-2020-5024)
<https://www.ibm.com/support/pages/node/6427861>
Affected Releases: v9.1, v10.1, v10.5, v11.1, v11.5
Security Bulletin: IBM® Db2® db2fm is vulnerable to a buffer overflow (CVE-2020-5025)
<https://www.ibm.com/support/pages/node/6427855>
Affected Releases: v9.1, v10.1, v10.5, v11.1, v11.5
Security Bulletin: IBM® Db2® is vulnerable to weak file permissions allowing access to specific files (CVE-2020-4976)
<https://www.ibm.com/support/pages/node/6427859>
Affected Releases: v9.1, v10.1, v10.5, v11.1, v11.5
None