IBM DB2 is shipped with IBM Predictive Maintenance and Quality and Predictive Maintenance Insights On-Premises. Information about security vulnerabilities affecting DB2 has been published in multiple security bulletins as below.
Refer to the security bulletin(s) listed in the Remediation/Fixes section
Affected Product(s) | Version(s) |
---|---|
IBM Maximo APM - Predictive Maintenance Insights On-Premises | 1.0.3 |
IBM Predictive Maintenance and Quality | 1.0.x |
IBM Predictive Maintenance and Quality | 2.5.x |
IBM Predictive Maintenance and Quality | 2.0.x |
Security Bulletin: IBM® Db2® is vulnerable to a denial of service (CVE-2020-5024)
<https://www.ibm.com/support/pages/node/6427861>
Affected Releases: v9.1, v10.1, v10.5, v11.1, v11.5
Security Bulletin: IBM® Db2® db2fm is vulnerable to a buffer overflow (CVE-2020-5025)
<https://www.ibm.com/support/pages/node/6427855>
Affected Releases: v9.1, v10.1, v10.5, v11.1, v11.5
Security Bulletin: IBM® Db2® is vulnerable to weak file permissions allowing access to specific files (CVE-2020-4976)
<https://www.ibm.com/support/pages/node/6427859>
Affected Releases: v9.1, v10.1, v10.5, v11.1, v11.5
Please refer to above security bulletins for the detailed fix information.
None