CVE-2020-4976
published 2021-03-11CVE-2020-4976: IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local user to read and write specific files due…
medium4.4CVSS 3.1
AVLACLPRLUINSUCLILAN
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local user to read and write specific files due to weak file permissions. IBM X-Force ID: 192469.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | db2 | — | — |
| ibm | db2 | — | — |
| ibm | db2 | — | — |
| ibm | db2 | >= 11.1.0.0 < 11.1.4.6 | 11.1.4.6 |
| ibm | db2 | >= 11.5 < 11.5.5.0 | 11.5.5.0 |