Medium Severity

Security Bulletin: IBM® Db2® could allow a local user to read and write specific files due to weak file permissions (CVE-2020-4976)

Share this post:

IBM® Db2® could allow a local user to read and write specific files due to weak file permissions

CVE(s): CVE-2020-4976

Affected product(s) and affected version(s):

All fix pack levels of IBM Db2 V9.7, V10.1, V10.5, V11.1, and V11.5 editions on all platforms are affected.

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6489495
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/192469

More stories

Security Bulletin: IBM QRadar Advisor With Watson is vulnerable to cross site scripting

Oct 19, 2021 8:03 pm EDT | Medium Severity

IBM QRadar Advisor is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. ...read more


Security Bulletin: IBM® Db2® could allow a local user to read and write specific files due to weak file permissions (CVE-2020-4976)

Oct 19, 2021 8:01 pm EDT | Medium Severity

IBM® Db2® could allow a local user to read and write specific files due to weak file permissions ...read more


Security Bulletin: IBM® Db2® is vulnerable to an information disclosure, exposing remote storage credentials to privileged users under specific conditions.(CVE-2021-29752)

Oct 19, 2021 8:01 pm EDT | Medium Severity

IBM® Db2® is vulnerable to an information disclosure, exposing remote storage credentials to privileged users under specific conditions.(CVE-2021-29752) ...read more