Security Bulletin: Security vulnerabilities have been identified in IBM Db2 shipped with Predictive Maintenance and Quality (CVE-2018-1897, CVE-2018-1723)

2018-12-1308:40:02

www.ibm.com

EPSS

0.001

Percentile

25.7%

JSON

Summary

IBM DB2 is shipped with Predictive Maintenance and Quality. Information about a security vulnerability affecting IBM DB2 has been published in a security bulletin.

Vulnerability Details

Refer to the security bulletins listed in the Remediation/Fixes section

Affected Products and Versions

Predictive Maintenance and Quality 2.5.3 – 2.6.2

Remediation/Fixes

Refer to the following security bulletins for vulnerability details and information about fixes addressed by IBM DB2 which is shipped with Predictive Maintenance and Quality.

Principal Product and Version(s)

Affected Supporting Product and Version

Affected Supporting Product Security Bulletin

—|—|—

IBM Predictive Maintenance and Quality 2.5.3 – 2.6.2

IBM DB2 Enterprise Server Edition V10.5

Security Bulletin: IBM Db2 LUW on AIX and Linux Affected by a Vulnerability in IBM Spectrum Scale (CVE-2018-1723).

Security Bulletin: IBM Db2 is vulnerable to a buffer overflow leading to privilege escalation (CVE-2018-1897).