Feb 16, 2022 - 3:20 a.m.

Security Bulletin: Multiple security vulnerabilities may affect IBM DB2 shipped with Predictive Maintenance and Quality and Predictive Maintenance Insights On-Premises

2022-02-16 03:20:46
www.ibm.com

EPSS: 0.001 (percentile: 44.8%)

Summary

IBM DB2 is shipped with IBM Predictive Maintenance and Quality and Predictive Maintenance Insights On-Premises. Information about security vulnerabilities affecting DB2 has been published in the security bulletins listed below. The recommended solution is to upgrade to Fix Pack version 11.5.7 on DB2 Server for IBM Predictive Maintenance and Quality and Predictive Maintenance Insights On-Premises installations.

Vulnerability Details

Refer to the security bulletin(s) listed in the Remediation/Fixes section.

Affected Products and Versions

| Affected Product(s) | Version(s) |
| --- | --- |
| IBM Maximo APM - Predictive Maintenance Insights On-Premises | 1.0.3 |
| IBM Predictive Maintenance and Quality | All |

Remediation/Fixes

Please refer to the security bulletins below for details on the vulnerabilities. The recommended solution is to upgrade to Fix Pack version 11.5.7 on DB2 Server for IBM Predictive Maintenance and Quality and Predictive Maintenance Insights On-Premises installations.

Security Bulletin: IBM® Db2® is vulnerable to an information disclosure, exposing remote storage credentials to privileged users under specific conditions. (CVE-2021-29752): <https://www.ibm.com/support/pages/node/6489489>

Security Bulletin: IBM® Db2® could disclose sensitive information when using ADMIN_CMD with LOAD or BACKUP. (CVE-2021-29825): <https://www.ibm.com/support/pages/node/6489499>

Security Bulletin: IBM® Db2® under very specific conditions, could allow a local user to keep running a procedure that could cause the system to run out of memory and cause a denial of service. (CVE-2021-29763): <https://www.ibm.com/support/pages/node/6489493>

Workarounds and Mitigations

None
