Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM54975AB9621DA4605CEEB50B0F9115FA7B3A6233FD32D725FD97E22543DDDD97
HistoryMar 01, 2022 - 9:21 p.m.

Security Bulletin: Security vulnerabilities have been identified in IBM DB2 used by IBM Security Verify Governance, Identity Manager software component

2022-03-0121:21:08
www.ibm.com
15
ibm db2
security vulnerabilities
ibm security verify governance
identity manager

EPSS

0.002

Percentile

51.8%

JSON

Summary

Information about security vulnerabilities affecting IBM DB2 have been published in a security bulletin.

Vulnerability Details

Refer to the security bulletin(s) listed in the Remediation/Fixes section

Affected Products and Versions

Affected Product(s) Version(s)
IBM Security Verify Governance, Identity Manager software component All

Remediation/Fixes

Principal Product and Version(s) Affected Supporting Product and Version(s) Affected Supporting Product Security Bulletin
ISVG 10.0.0.3 DB2 V9.7, V10.1, V10.5, V11.1, V11.5 Security Bulletin: IBM® Db2® is vulnerable to an information disclosure (CVE-2021-20579)
ISVG 10.0.0.3 DB2 V10.1, V10.5, V11.1, V11.5 [Security Bulletin: IBM® Db2® is vulnerablVe to a denial of service as the server terminates abnormally when executing a specially crafted SELECT statement. (CVE-2021-29703)
ISVG 10.0.0.3

| DB2 V9.7, V10.1, V10.5, V11.1, V11.5| Security Bulletin: Under special circumstances, Db2 is vulnerable to a denial of service during drop table (CVE-2021-29777)
ISVG 10.0.0.3| DB2 V11.5| Security Bulletin: IBM® Db2® could allow a local user to access and change the configuration of DB2 due to a race condition via a symbolic link. (CVE-2020-4885)
ISVG 10.0.0.3| DB2 V11.5| Security Bulletin: IBM® Db2® could allow an authenticated user to overwrite arbirary files due to improper group permissions. (CVE-2020-4945)

Workarounds and Mitigations

None

Related

ibm 22
nessus 5
prion 5
cve 5
nvd 5
cvelist 5
cnvd 3
ibm
ibm
Security Bulletin: Multiple IBM DB2 Server Vulnerabilities Affect IBM Emptoris Strategic Supply Management Platform
2021-09-20 05:28:14
Security Bulletin: IBM i2 Analyze is affected by multiple vulnerabilities in IBM DB2
2021-07-14 18:33:21
Security Bulletin: Vulnerabilities in IBM Db2 affect IBM Spectrum Protect Server (CVE-2021-29777, CVE-2021-20579, CVE-2021-29703, CVE-2020-4885, CVE-2020-4945)
2021-12-10 15:38:59
nessus
nessus
IBM DB2 9.7 < 9.7 / 10.1 < 10.1 / 10.5 < 10.5 / 11.1 < 11.1.4 / 11.5 < 11.5.6 Multiple Vulnerabilities (Unix)
2021-07-08 00:00:00
IBM DB2 9.7 < 9.7 / 10.1 < 10.1 / 10.5 < 10.5 / 11.1 < 11.1.4 / 11.5 < 11.5.6 Multiple Vulnerabilities (Windows)
2021-07-08 00:00:00
IBM DB2 11.5 < 11.5.6 FP0 Multiple Vulnerabilities (UNIX)
2021-07-02 00:00:00
prion
prion
Design/Logic Flaw
2021-06-24 19:15:00
Code injection
2021-06-24 19:15:00
Code injection
2021-06-24 19:15:00
cve
cve
CVE-2021-29703
2021-06-24 19:15:08
CVE-2021-29777
2021-06-24 19:15:08
CVE-2021-20579
2021-06-24 19:15:08
nvd
nvd
CVE-2021-29703
2021-06-24 19:15:08
CVE-2021-29777
2021-06-24 19:15:08
CVE-2021-20579
2021-06-24 19:15:08
cvelist
cvelist
CVE-2021-29703
2021-06-24 18:45:29
CVE-2021-29777
2021-06-24 18:45:30
CVE-2021-20579
2021-06-24 18:45:27
cnvd
cnvd
IBM DB2 Command Injection Vulnerability
2021-07-13 00:00:00
IBM DB2 Information Disclosure Vulnerability (CNVD-2021-99983)
2021-07-13 00:00:00
IBM DB2 Backlink Vulnerability
2021-06-25 00:00:00

EPSS

0.002

Percentile

51.8%

JSON
Related for 54975AB9621DA4605CEEB50B0F9115FA7B3A6233FD32D725FD97E22543DDDD97
ibm22nessus5prion5cve5nvd5cvelist5cnvd3