CVE-2020-4414
published 2020-07-01CVE-2020-4414: IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local attacker to perform unauthorized actions…
medium4.4CVSS 3.1
AVLACLPRLUINSUCLINAL
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local attacker to perform unauthorized actions on the system, caused by improper usage of shared memory. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service. IBM X-Force ID: 179989.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | db2 | — | — |
| ibm | db2 | — | — |
| ibm | db2 | — | — |
| ibm | db2 | — | — |
| ibm | db2 | — | — |
| ibm | db2_for_linux_unix_and_windows | — | — |
| ibm | db2_for_linux_unix_and_windows | — | — |
| ibm | db2_for_linux_unix_and_windows | — | — |
| ibm | db2_for_linux_unix_and_windows | — | — |
| ibm | db2_for_linux_unix_and_windows | — | — |