Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM7942F3C19DA79A46D83CADC6B1D92D7D93C5F10D52677FAE915239599DACCBFD
HistoryJul 07, 2020 - 1:45 p.m.

Security Bulletin: Multiple DB2 Database Server Security Vulnerabilities Affect IBM Emptoris Strategic Supply Management Platform

2020-07-0713:45:17
www.ibm.com
7

0.001 Low

EPSS

Percentile

33.0%

JSON

Summary

Security Bulletin: Multiple DB2 Database Server Security Vulnerabilities Affect IBM Emptoris Strategic Supply Management Platform

Vulnerability Details

CVEID:CVE-2020-4200
**DESCRIPTION:**IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5, 11.1, and 11.5 could allow an authenticated attacker to send specially crafted commands to cause a denial of service. IBM X-Force ID: 174914.
CVSS Base score: 6.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/174914 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

Affected Products and Versions

Affected Product(s) Version(s)
IBM Emptoris Strategic Supply Management Platform 10.1.0.x,10.1.1.x,10.1.3.x

Remediation/Fixes

Product Name **Versions affected ** **Remediation iFix / Fixpack **
IBM Emptoris Strategic Supply Management Platform 10.1.0.x 10.1.0.34
IBM Emptoris Strategic Supply Management Platform 10.1.1.x 10.1.1.33
IBM Emptoris Strategic Supply Management Platform 10.1.3.x 10.1.3.29

Workarounds and Mitigations

None

Get Notified about Future Security Bulletins

Subscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html&gt;) to be notified of important product support alerts like this.

References

Complete CVSS v3 Guide
On-line Calculator v3

Off

Related Information

IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog

Change History

19 Jun 2020: Initial Publication

*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.

Disclaimer

Review the IBM security bulletin disclaimer and definitions regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.

Document Location

Worldwide

[{“Business Unit”:{“code”:“BU059”,“label”:“IBM Software w/o TPS”},“Product”:{“code”:“SSYQ72”,“label”:“Emptoris Strategic Supply Management”},“Component”:“”,“Platform”:[{“code”:“PF025”,“label”:“Platform Independent”}],“Version”:“10.1.3.x,10.1.1.x, 10.1.0.x”,“Edition”:“”,“Line of Business”:{“code”:“LOB59”,“label”:“Sustainability Software”}}]

Related

ibm 17
cvelist 1
nvd 1
cve 1
prion 1
nessus 2
ibm
ibm
Security Bulletin: Multiple DB2 Database Server Security Vulnerabilities Affect IBM Emptoris Supplier Lifecycle Mgmt
2020-07-07 12:46:19
Security Bulletin: Multiple DB2 Database Server Security Vulnerabilities Affect IBM Emptoris Contract Management
2020-07-07 12:36:37
Security Bulletin: A security vulnerability has been identified in IBM DB2 shipped with IBM Maximo Asset Management (CVE-2020-4200)
2020-03-28 16:18:11
cvelist
cvelist
CVE-2020-4200
2020-02-18 00:00:00
nvd
nvd
CVE-2020-4200
2020-02-19 16:15:11
cve
cve
CVE-2020-4200
2020-02-19 16:15:11
prion
prion
Design/Logic Flaw
2020-02-19 16:15:00
nessus
nessus
IBM DB2 9.7 < FP11 39672 / 10.1 < FP6 39678 / 10.5 < FP10 39688 / 11.1.4 < FP5 39693 / 11.5 < FP0 39711 Multiple Vulnerabilities (UNIX)
2020-02-28 00:00:00
IBM DB2 9.7 < FP11 39672 / 10.1 < FP6 39678 / 10.5 < FP10 39688 / 11.1.4 < FP5 39693 / 11.5 < FP0 39711 Multiple Vulnerabilities (Windows)
2020-02-28 00:00:00

0.001 Low

EPSS

Percentile

33.0%

JSON
Related for 7942F3C19DA79A46D83CADC6B1D92D7D93C5F10D52677FAE915239599DACCBFD
ibm17cvelist1nvd1cve1prion1nessus2