Summary
IBM DB2 is shipped as a component of IBM Maximo Asset Management. Information about the security vulnerability affecting IBM DB2 has been published in a security bulletin.
Vulnerability Details
Refer to the security bulletin(s) listed in the Remediation/Fixes section
Affected Products and Versions
Affected Product(s) |
Version(s) |
IBM Maximo Asset Management |
7.6.1.x |
IBM Maximo Asset Management |
7.6.0.x |
IBM Maximo Asset Management |
MAS 8.x-Manage 8.x |
Remediation/Fixes
Please consult the following security bulletin for vulnerability details and information about fixes:
Security Bulletin: IBM® Db2® under very specific conditions, could allow a local user to keep running a procedure that could cause the system to run out of memory.and cause a denial of service. (CVE-2021-29763)
Security Bulletin: IBM® Db2® is vulnerable to an information disclosure, exposing remote storage credentials to privileged users under specific conditions.(CVE-2021-29752)
Security Bulletin: IBM® Db2® could disclose sensitive information when using ADMIN_CMD with LOAD or BACKUP. (CVE-2021-29825)
Workarounds and Mitigations
None