Medium Severity

Security Bulletin: A vulnerability in IBM Java SDK and IBM Java Runtime related to the Kerberos component affect IBM® Db2®. (CVE-2019-2949)

Sep 10, 2020 8:00 pm EDT

Categorized: Medium Severity

Share this post:

In some versions of IBM Java SDK a vulnerability related to the Kerberos component could allow an unauthenticated attacker to obtain sensitive information resulting in a high confidentiality impact using unknown attack vectors.

Affected product(s) and affected version(s):

All fix pack levels of IBM Db2 V11.1, and V11.5 editions running on all platforms. IBM Db2 V10.5 is not affected.

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6330711


Previous Post

Security Bulletin: A vulnerability may affect IBM® SDK, Java™ Technology Edition used in Liberty for Java for IBM Cloud (CVE-2020-2601)

Next Post

Security Bulletin: IBM® Db2® on AIX and Linux Affected by a Vulnerability in IBM® Spectrum Scale (CVE-2020-4412)
More stories

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Python

Mar 4, 2021 7:00 pm EST | Medium Severity

IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Python. ...read more

Security Bulletin: Multiple vulnerabilities affect IBM Cloud Object Storage Systems (March 2021)

Mar 4, 2021 7:00 pm EST | Medium Severity

Multiple vulnerabilities affect IBM Cloud Object Storage Systems. These vulnerabilities have been addressed in the latest ClevOS releases. ...read more

Security Bulletin: Multiple Vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM StoredIQ for Legal

Mar 4, 2021 7:00 pm EST | Medium Severity

There are multiple vulnerabilities that affect IBM WebSphere Application Server shipped with IBM StoredIQ for Legal. These have been addressed in Fix Pack 2.0.3.13 of StoredIQ for Legal. ...read more