Medium Severity

Security Bulletin: IBM® Db2® is vulnerable to an information disclosure. (CVE-2020-4386)

Share this post:

IBM® Db2® could allow a local user to obtain sensitive information using a race condition of a symbolic link.

Affected product(s) and affected version(s):

All fix pack levels of IBM Db2 V9.7, V10.1, V10.5, V11.1, and V11.5 editions on all platforms are affected.

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6242342

More stories

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Python

Mar 4, 2021 7:00 pm EST | Medium Severity

IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Python. ...read more


Security Bulletin: Multiple vulnerabilities affect IBM Cloud Object Storage Systems (March 2021)

Mar 4, 2021 7:00 pm EST | Medium Severity

Multiple vulnerabilities affect IBM Cloud Object Storage Systems. These vulnerabilities have been addressed in the latest ClevOS releases. ...read more


Security Bulletin: Multiple Vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM StoredIQ for Legal

Mar 4, 2021 7:00 pm EST | Medium Severity

There are multiple vulnerabilities that affect IBM WebSphere Application Server shipped with IBM StoredIQ for Legal. These have been addressed in Fix Pack 2.0.3.13 of StoredIQ for Legal. ...read more