Several security vulnerabilities endanger the IBM Db2 database system

The IBM DB2 database system is vulnerable. Attackers could attack systems and, among other things, gain unauthorized access to data or overwrite files. Versions secured against this provide a remedy.

Administrators should investigate the warning messages linked under this message and find and install any security updates that affect them. Among others, IBM Db2 versions V9.7, V10.1, V10.5, V11.1 and V11.5 on AIX, HP-UX, Linux, Solaris and Windows systems are affected.

The most dangerous is the one with the threat level “high“Vulnerability classified with the identifier CVE-2021-29703. Here, an attacker could cripple the database server by executing specially crafted SELECT statements.

If attackers succeed in resolving the other vulnerabilities, an authenticated attacker could overwrite files (CVE-2021-4945 “way“). In addition, unauthorized access to the Db2 configuration is possible (CVE-2021-4885”way“). Successful exploitation of another vulnerability (CVE-2021-20579”way“) Could lead to information disclosure. Vulnerability (CVE-2021-29777”way“) Could pave the way for a DoS attack.


Source of the article

Disclaimer: This article is generated from the feed and not edited by our team.

Comments are closed.