IBM DB2 Multiple Vulnerabilities

Last Update Date: 26 Jul 2019 10:20 Release Date: 26 Jul 2019 5208 Views

RISK: Medium Risk

TYPE: Servers - Database Servers

Multiple vulnerabilities were identified in IBM DB2, a remote user could exploit some of these vulnerabilities to trigger denial of service and remote code execution on the targeted system.

Impact

Denial of Service
Remote Code Execution

System / Technologies affected

IBM DB2 versions 9.7
IBM DB2 versions 10.1
IBM DB2 versions 10.5
IBM DB2 versions 11.1

Solutions

Before installation of the software, please visit the vendor web-site for more details.

Apply fixes issued by the vendor:
https://www-01.ibm.com/support/docview.wss?uid=ibm10959043

Vulnerability Identifier

CVE-2019-2602
CVE-2019-2684
CVE-2019-2697
CVE-2019-2698

Source

AusCERT
IBM