Medium Severity

Security Bulletin: IBM® Db2® is vulnerable to an information disclosure and denial of service (CVE-2020-4414)

Share this post:

IBM® Db2® could allow a local attacker to perform unauthorized actions on the system, caused by improper usage of shared memory. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service.

Affected product(s) and affected version(s):

All fix pack levels of IBM Db2 V9.7, V10.1, V10.5, V11.1, and V11.5 editions on all platforms are affected.

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6242356

More stories

Security Bulletin: A vulnerability in Samba affects IBM Spectrum Scale SMB protocol access method (CVE-2021-20254)

Dec 6, 2021 7:00 pm EST | Medium Severity

A Samba vulnerability affects IBM Spectrum Scale SMB protocol access method that could allow a remote attacker to bypass security restrictions and gain unauthorized access to files. ...read more



Security Bulletin: Publicly disclosed vulnerabilities from Kernel affect IBM Netezza Host Management

Dec 6, 2021 7:00 pm EST | Medium Severity

Kernel is used by IBM Netezza Host Management. This bulletin provides mitigation for the reported CVEs. ...read more