Security Bulletin: Security vulnerabilities have been identified in IBM DB2 shipped with WebSphere Remote server (CVE-2013-6747, CVE-2014-0963)

2018-06-1507:00:49

www.ibm.com

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

JSON

Summary

IBM DB2 is shipped as a component of WebSphere Remote Server. Information about security vulnerabilities affecting IBM DB2 has been published in a security bulletin.

Vulnerability Details

For vulnerability details, see the IBM DB2 is impacted by multiple TLS/SSL security vulnerabilities (CVE-2013-6747, CVE-2014-0963) document.

Affected Products and Versions

Principal Product and Version(s)

| Affected Supporting Product and Version
—|—
WebSphere Remote Server 6.1, 6.2, 6.2.1, 7.0, 7.1, 7.1.1, 7.1.2, 8.5| IBM DB2 Workgroup Server Edition
9.1, 9.5, 9.7, 10.1

CPENameOperatorVersion
websphere remote servereq8.5
websphere remote servereq7.1.2
websphere remote servereq7.1.1
websphere remote servereq7.1
websphere remote servereq7.0
websphere remote servereq6.2.1
websphere remote servereq6.2
websphere remote servereq6.1

Name	Operator	Version
websphere remote server	eq	8.5
websphere remote server	eq	7.1.2
websphere remote server	eq	7.1.1
websphere remote server	eq	7.1
websphere remote server	eq	7.0
websphere remote server	eq	6.2.1
websphere remote server	eq	6.2
websphere remote server	eq	6.1