Security Bulletin: Security vulnerabilities have been identified in IBM Db2 shipped with IBM Maximo APM - Predictive Maintenance Insights On-Premise (CVE-2019-4094)

Summary

IBM DB2 is shipped with IBM Maximo APM - Predictive Maintenance Insights On-Premise (formerly IBM IoT Predictive Maintenance and Optimization). Information about some security vulnerabilities affecting IBM DB2 have been published in their respective security bulletins.

Vulnerability Details

Refer to the security bulletins listed in the Remediation/Fixes section

Affected Products and Versions

IBM IoT Predictive Maintenance and Optimization 1.0.0 – 1.0.1

IBM Maximo APM - Predictive Maintenance Insights On-Premise 1.0.2

Remediation/Fixes

Refer to the following security bulletins for vulnerability details and information about fixes addressed by IBM DB2 which is shipped with IBM Maximo APM - Predictive Maintenance Insights On-Premises.

Principal Product and Version(s)

|

Affected Supporting Product and Version

|

Affected Supporting Product Security Bulletin

—|—|—

IBM IoT Predictive Maintenance and Optimization 1.0.0 – 1.0.1

IBM Maximo APM - Predictive Maintenance Insights On-Premise 1.0.2

|

IBM DB2 Enterprise Server Edition V10.5

|

Security Bulletin: IBM® Db2® is vulnerable to privilege escalation via loading libraries from an untrusted path (CVE-2019-4094).

Workarounds and Mitigations

None.