Medium Severity

Security Bulletin: IBM® Db2® is vulnerable to an information disclosure and denial of service (CVE-2020-4414)

IBM® Db2® could allow a local attacker to perform unauthorized actions on the system because of improper usage of shared memory. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service.

Affected product(s) and affected version(s):

All fix pack levels of IBM Db2 V9.7, V10.1, V10.5, V11.1, and V11.5 editions on all platforms are affected.

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6242356
