IBM® Db2® shipped with IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise is vulnerable to information disclosure. Multiple vulnerabilities have been identified in IBM Db2 and information about their fixes are published as security bulletins.
Refer to the security bulletin(s) listed in the Remediation/Fixes section
Affected Product(s) | Version(s) |
---|---|
Cloud Orchestrator | 2.5.0.10 |
The recommended solution is to manually upgrade to the special build of Db2 10.5 FP11 on IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise V2.5.0.10.
Consult the following security bulletins for IBM Db2 vulnerability details and information about fixes:
Security Bulletin: IBM® Db2® db2fm is vulnerable to a buffer overflow (CVE-2020-5025)
Security Bulletin: IBM® Db2® is vulnerable to a denial of service (CVE-2020-5024)
None
CPE | Name | Operator | Version |
---|---|---|---|
ibm smartcloud orchestrator | eq | 2.5.0.10 |