Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBMF763BC2C074EDB2A20A3C7D4DEFBA7391620A82D0619B13472345EF102914DC9
HistoryJul 07, 2020 - 12:33 p.m.

Security Bulletin: Multiple DB2 Database Server Security Vulnerabilities Affect IBM Emptoris Sourcing

2020-07-0712:33:09
www.ibm.com
14

EPSS

0.001

Percentile

32.8%

JSON

Summary

Security Bulletin: Multiple DB2 Database Server Security Vulnerabilities Affect IBM Emptoris Sourcing

Vulnerability Details

CVEID:CVE-2020-4200
**DESCRIPTION:**IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5, 11.1, and 11.5 could allow an authenticated attacker to send specially crafted commands to cause a denial of service. IBM X-Force ID: 174914.
CVSS Base score: 6.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/174914 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

Affected Products and Versions

Affected Product(s) Version(s)
IBM Emptoris Sourcing 10.1.3.x,10.1.1.x, 10.1.0.x

Remediation/Fixes

Product Name **Versions affected ** **Remediation iFix / Fixpack **
IBM Emptoris Sourcing 10.1.0.x 10.1.0.34
IBM Emptoris Sourcing 10.1.1.x 10.1.1.33
IBM Emptoris Sourcing 10.1.3.x 10.1.3.29

Workarounds and Mitigations

None

Get Notified about Future Security Bulletins

Subscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html&gt;) to be notified of important product support alerts like this.

References

Complete CVSS v3 Guide
On-line Calculator v3

Off

Related Information

IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog

Change History

19 Jun 2020: Initial Publication

*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.

Disclaimer

Review the IBM security bulletin disclaimer and definitions regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.

Document Location

Worldwide

[{“Business Unit”:{“code”:“BU059”,“label”:“IBM Software w/o TPS”},“Product”:{“code”:“SSYR8W”,“label”:“Emptoris Sourcing”},“Component”:“”,“Platform”:[{“code”:“PF025”,“label”:“Platform Independent”}],“Version”:“10.1.3.x,10.1.1.x, 10.1.0.x”,“Edition”:“”,“Line of Business”:{“code”:“LOB02”,“label”:“AI Applications”}}]

Related

ibm 17
nvd 1
cvelist 1
prion 1
cve 1
nessus 2
ibm
ibm
Security Bulletin: A security vulnerability has been identified in IBM DB2 shipped with IBM Maximo Asset Management (CVE-2020-4200)
2020-03-28 16:18:11
Security Bulletin: IBM® Db2® is vulnerable to denial of service (CVE-2020-4200).
2021-03-10 21:27:19
Security Bulletin: Multiple DB2 Database Server Security Vulnerabilities Affect IBM Emptoris Supplier Lifecycle Mgmt
2020-07-07 12:46:19
nvd
nvd
CVE-2020-4200
2020-02-19 16:15:11
cvelist
cvelist
CVE-2020-4200
2020-02-19 15:15:46
prion
prion
Design/Logic Flaw
2020-02-19 16:15:00
cve
cve
CVE-2020-4200
2020-02-19 16:15:11
nessus
nessus
IBM DB2 9.7 < FP11 39672 / 10.1 < FP6 39678 / 10.5 < FP10 39688 / 11.1.4 < FP5 39693 / 11.5 < FP0 39711 Multiple Vulnerabilities (Windows)
2020-02-28 00:00:00
IBM DB2 9.7 < FP11 39672 / 10.1 < FP6 39678 / 10.5 < FP10 39688 / 11.1.4 < FP5 39693 / 11.5 < FP0 39711 Multiple Vulnerabilities (UNIX)
2020-02-28 00:00:00

EPSS

0.001

Percentile

32.8%

JSON
Related for F763BC2C074EDB2A20A3C7D4DEFBA7391620A82D0619B13472345EF102914DC9
ibm17nvd1cvelist1prion1cve1nessus2