5 matches found
Security Bulletin: IBM® Db2® is vulnerable to an information disclosure. (CVE-2020-4387)
Summary IBM® Db2® could allow a local user to obtain sensitive information using a race condition of a symbolic link. Vulnerability Details CVEID: CVE-2020-4387 DESCRIPTION: IBM DB2 for Linux, UNIX and Windows includes DB2 Connect Server could allow a local user to obtain sensitive information...
Security Bulletin: Multiple vulnerabilities in Db2 affect IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise
Summary IBM® Db2® shipped with IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise is vulnerable to information disclosure. Vulnerabilities have been identified in IBM Db2 and information about their fixes are published in a security bulletin. Vulnerability Details CVEID: CVE-2020-4387...
Security Bulletin: Multiple vulnerabilities in IBM DB2 affect IBM Operations Analytics Predictive Insights
Summary There are multiple vulnerabilities in IBM® DB2 used by IBM Operations Analytics Predictive Insights 1.3.6 and earlier. IBM Operations Analytics Predictive Insights has addressed the applicable CVEs CVE-2020-4386, CVE-2020-4355, CVE-2020-4420,CVE-2020-4414, CVE-2020-4363, CVE-2020-4387...
IBM DB2 9.7 < FP11 40162 / 10.1 < FP6 40161 / 10.5 < FP11 40160 / 11.1 < FP5 40159 / 11.5 < Mod 4 FP0 Multiple Vulnerabilities (Windows)
According to its version, the installation of IBM DB2 running on the remote host is either 9.7 prior to Fix Pack 11 Special Build 40162, 10.1 prior to Fix Pack 6 Special Build 40161, 10.5 prior to Fix Pack 11 Special Build 40160, or 11.1 prior to Fix Pack 5 Special Build 40159, 11.5 prior to Mod ...
CVE-2020-4387
CVE-2020-4387 describes a local information-disclosure vulnerability in IBM DB2 and DB2 Connect Server for Linux/Unix/Windows (versions 9.7, 10.1, 10.5, 11.1, 11.5) caused by a race condition of a symbolic link. Exploitation would allow a local attacker to obtain sensitive data as described in IB...