Multiple vulnerabilities have been found in various versions of DB2. Please see links to DB2 Security Bulletins below for details and remediation.
Refer to the security bulletin(s) listed in the Remediation/Fixes section
Affected Product(s) | Version(s) |
---|---|
IBM i2 Analyze | IBM i2 Analyze 4.3.1 |
IBM i2 Analyze | IBM i2 Analyze 4.3.0 |
IBM i2 Analyze | IBM i2 Analyze 4.3.2 |
Security Bulletin: IBM® Db2® is vulnerable to an information disclosure. (CVE-2020-4387)
<https://ibm.com/support/pages/node/6242336>
Affected Db2 releases: V9.7, V10.1, V10.5, V11.1, V11.5
Security Bulletin: IBM® Db2® is vulnerable to an information disclosure. (CVE-2020-4386)
<https://ibm.com/support/pages/node/6242342>
Affected Db2 releases: V9.7, V10.1, V10.5, V11.1, V11.5
Security Bulletin: IBM® Db2® may be vulnerable to a Denial of Service attack (CVE-2020-4355)
<https://ibm.com/support/pages/node/6242350>
Affected Db2 releases: V9.7, V10.1, V10.5, V11.1, V11.5
Security Bulletin: IBM® Db2® is vulnerable to buffer overflow leading to a privileged escalation (CVE-2020-4363)
<https://ibm.com/support/pages/node/6242332>
Affected Db2 releases: V9.7, V10.1, V10.5, V11.1, V11.5
Security Bulletin: IBM® Db2® is vulnerable to an information disclosure and denial of service (CVE-2020-4414)
<https://ibm.com/support/pages/node/6242356>
Affected Db2 releases: V9.7, V10.1, V10.5, V11.1, V11.5
Security Bulletin: IBM® Db2® is vulnerable to a denial of service attack (CVE-2020-4420)
<https://ibm.com/support/pages/node/6242362>
Affected Db2 releases: V9.7, V10.1, V10.5, V11.1, V11.5
None