High Severity

Security Bulletin: IBM® Db2® is vulnerable to a denial of service (CVE-2020-5024)

Share this post:

IBM Db2 for Linux, UNIX and Windows could allow an unauthenticated attacker to cause a denial of service due to a hang in the SSL handshake response.

CVE(s): CVE-2020-5024

Affected product(s) and affected version(s):

All fix pack levels of IBM Db2 V9.7, V10.1, V10.5, V11.1, and V11.5 editions on all platforms are affected.

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6427861
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/193660

More stories

Security Bulletin: A vulnerability exists in the restricted shell of the IBM FlashSystem 900

Oct 25, 2021 8:00 pm EDT | High Severity

A vulnerability exists in the IBM FlashSystem 900 restricted shell (CVE-2021-29873). An exploit of this vulnerability could allow an authenticated attacker to access sensitive information or cause a denial of service. ...read more

Security Bulletin: IBM Planning Analytics Workspace is affected by security vulnerabilities

Oct 25, 2021 8:00 pm EDT | High Severity

The Planning Analytics Workspace component of IBM Planning Analytics is affected by vulnerabilities These have been addressed in IBM Planning Analytics Local v2.0 - Planning Analytics Workspace Release 69. ...read more

Security Bulletin: Multiple vulnerabilites affect Engineering Lifecycle Management and IBM Engineering products.

Oct 25, 2021 8:00 pm EDT | High Severity

There are multiple vulnerabilities that are used by IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Engineering Lifecycle Management (ELM), IBM Engineering Requirements Management DOORS Next (DOORS Next), IBM Engineering Workflow Management (EWM), IBM Engineering Systems Design Rhapsody, IBM Engineering Requirements Quality Assistant On-Premises. ...read more