Medium Severity

Security Bulletin: IBM® Db2® could allow a local user elevated privileges due to allowing modification of columns of existing tasks (CVE-2021-38926)

December 15, 2021

Categorized: Medium Severity

Share this post:

Db2 could allow a local user elevated privileges due to allowing modification of columns of existing tasks.

CVE(s): CVE-2021-38926

Affected product(s) and affected version(s):

All fix pack levels of IBM Db2 V9.7, V10.1, V10.5, V11.1, and V11.5 server editions on all platforms are affected. 

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6523808
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/210321


Previous Post

Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Strategic Supply Management Platform (CVE-2021-2336)

Next Post

Security Bulletin: IBM Security Guardium is vulnerable to a remote code execution vulnerability in log4j2 component
More stories

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects IBM WebSphere Cast Iron Solution & App Connect Professional.

July 1, 2022 | Medium Severity

There are multiple vulnerabilities in the IBM SDK Java Technology used by IBM WebSphere Cast Iron Solution & App Connect Professional. These issue were disclosed as part of the IBM Java SDK updates in Apr 2022, IBM WebSphere Cast Iron Solution & App Connect Professional have addressed the applicable CVEs. These vulnerabilities are addressed in App connect professional v7.5.5.0, customer can migrate to this version without incurring any additional cost. ...read more

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects IBM WebSphere Cast Iron Solution & App Connect Professional.

July 1, 2022 | Medium Severity

There are multiple vulnerabilities in the IBM SDK Java Technology used by IBM WebSphere Cast Iron Solution & App Connect Professional. These issue were disclosed as part of the IBM Java SDK updates in Apr 2022, IBM WebSphere Cast Iron Solution & App Connect Professional have addressed the applicable CVEs. These vulnerabilities are addressed in App connect professional v7.5.5.0, customer can migrate to this version without incurring any additional cost. ...read more

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects IBM WebSphere Cast Iron Solution & App Connect Professional.

July 1, 2022 | Medium Severity

There are multiple vulnerabilities in the IBM SDK Java Technology used by IBM WebSphere Cast Iron Solution & App Connect Professional. These issue were disclosed as part of the IBM Java SDK updates in Apr 2022, IBM WebSphere Cast Iron Solution & App Connect Professional have addressed the applicable CVEs. These vulnerabilities are addressed in App connect professional v7.5.5.0, customer can migrate to this version without incurring any additional cost. ...read more