Medium Severity

Security Bulletin: IBM® Db2® is vulnerable to an information disclosure and denial of service (CVE-2020-4414)

Share this post:

IBM® Db2® could allow a local attacker to perform unauthorized actions on the system, caused by improper usage of shared memory. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service.

Affected product(s) and affected version(s):

All fix pack levels of IBM Db2 V9.7, V10.1, V10.5, V11.1, and V11.5 editions on all platforms are affected.

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6242356

More stories

Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server used by IBM InfoSphere Master Data Management

Jun 22, 2021 8:01 pm EDT | Medium Severity

IBM WebSphere Application Server traditional is vulnerable to an XML External Entity (XXE) Injection vulnerability ...read more


Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server used by InfoSphere Master Data Management

Jun 22, 2021 8:01 pm EDT | Medium Severity

WebSphere Application Server is vulnerable to a directory traversal vulnerability. This has been addressed. ...read more


Security Bulletin: IBM Security Guardium is affected by an Oracle MySQL vulnerability

Jun 22, 2021 8:00 pm EDT | Medium Severity

IBM Security Guardium has addressed the following vulnerability. ...read more