8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.2 High
AI Score
Confidence
High
0.067 Low
EPSS
Percentile
93.9%
Host Integration Server 2020
A possible stack buffer overflow from a remote code execution has been exposed in the OLEDB provider for DB2. This fix addresses this issue in both Host Integration Server 2020 and the stand-alone DB2OLEDBv7.
This package is now available from Microsoft the Microsoft Download Center. This package is intended to correct only the problems that are described in this article. Apply this package only to systems that are experiencing these specific problems.Download this fix now
If you are obtaining this fix for Host Integration Server 2020, you need to have Microsoft Host Integration Server 2020 installed with CU1.Download Host Integration Server 2020 CU1If you are obtaining this fix for DB2OLEDBv7, then you need to uninstall your current version of DB2OLEDBv7 and install the version that can be downloaded on the link above (the link with the title “Download this fix”)
You may have to restart the computer after you apply this fix.
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.2 High
AI Score
Confidence
High
0.067 Low
EPSS
Percentile
93.9%