Medium Severity

Security Bulletin: IBM® Db2® is vulnerable to an information disclosure. (CVE-2020-4386)

Share this post:

IBM® Db2® could allow a local user to obtain sensitive information using a race condition of a symbolic link.

Affected product(s) and affected version(s):

All fix pack levels of IBM Db2 V9.7, V10.1, V10.5, V11.1, and V11.5 editions on all platforms are affected.

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6242342

More stories

Security Bulletin: Multiple security vulnerabilities with IBM Content Navigator component in IBM Business Automation Workflow – CVE-2020-4757, PSIRT-ADV0028011, CVE-2020-4934

May 17, 2021 8:00 pm EDT | Medium Severity

The embedded IBM Content Navigator, that is shipped with IBM Business Automation Workflow is vulnerable to several security vulnerabilities. ...read more


Security Bulletin: Guava Google Core Libraries Vulnerability Affects IBM Control Center (CVE-2020-8908)

May 14, 2021 8:01 pm EDT | Medium Severity

Guava could allow a remote authenticated attacker to bypass security restrictions, caused by a temp directory creation vulnerability. ...read more


Security Bulletin: IBM InfoSphere DataStage is affected by an Information disclosure vulnerability

May 14, 2021 8:01 pm EDT | Medium Severity

An Information disclosure vulnerability in IBM InfoSphere DataStage was addressed. ...read more