IBM835A0ADA5D2FF508CCEA9BEC2CCBF10A7509A83BEC8B8EB3D64BDA2741F7E425Security Bulletin: Multiple security vulnerabilities have been identified in IBM Db2 shipped with IBM Security Guardium Key Lifecycle Manager
6.8 Medium
AI Score
Confidence
Low
Summary
IBM Db2 is shipped as a component of IBM Security Key Lifecycle Manager (SKLM/GKLM). Information about multiple security vulnerabilities affecting IBM Db2 has been published in a security bulletin.
Vulnerability Details
Refer to the security bulletin(s) listed in the Remediation/Fixes section
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM Security Guardium Key Lifecycle Manager | 3.0, 3.0.1, 4.0, 4.1, 4.1.1, 4.2, 4.2.1 |
Remediation/Fixes
Principal Product and Version(s)
| Affected Supporting Product and Version
—|—
IBM Security Key Lifecycle Manager (SKLM) v3.0 | IBM Db2 11.1.2.2
IBM Security Key Lifecycle Manager (SKLM) v3.0.1 | IBM Db2 11.1.2.2
IBM Security Key Lifecycle Manager (SKLM) v4.0 | IBM Db2 11.1.4.4
IBM Security Guardium Key Lifecycle Manager (GKLM) v4.1 | IBM Db2 11.5.4
IBM Security Guardium Key Lifecycle Manager (GKLM) v4.1.1 | IBM Db2 11.5.8
IBM Security Guardium Key Lifecycle Manager (GKLM) v4.2 | IBM Db2 11.5.8
IBM Security Guardium Key Lifecycle Manager (GKLM) v4.2.1 | IBM Db2 11.5.9
Please consult the Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM® Db2®. (Oct 2023 CPU) for vulnerability details and information about fixes.
Workarounds and Mitigations
None
Affected configurations
6.8 Medium
AI Score
Confidence
Low