The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of IBM DB2: denial of service via Terminate Command

Synthesis of the vulnerability 

An attacker can trigger a fatal error via Terminate Command of IBM DB2, in order to trigger a denial of service.
Impacted software: Db2 UDB, Tivoli Storage Manager.
Severity of this computer vulnerability: 2/4.
Creation date: 01/07/2020.
Références of this announce: 286269, 6242362, 6369095, CERTFR-2020-AVI-627, CERTFR-2020-AVI-798, CERTFR-2021-AVI-188, CVE-2020-4420, VIGILANCE-VUL-32674.

Description of the vulnerability 

An attacker can trigger a fatal error via Terminate Command of IBM DB2, in order to trigger a denial of service.
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

This security announce impacts software or systems such as Db2 UDB, Tivoli Storage Manager.

Our Vigil@nce team determined that the severity of this threat is medium.

The trust level is of type confirmed by the editor, with an origin of intranet client.

An attacker with a expert ability can exploit this computer vulnerability announce.

Solutions for this threat 

IBM DB2: version 11.1 Mod 4 Fix Pack 6.
The version 11.1 Mod 4 Fix Pack 6 is fixed:
  https://www.ibm.com/support/pages/node/6427871

IBM DB2: patch for Terminate Command.
A patch is indicated in information sources.

IBM Spectrum Protect Server: fixed versions for Dependencies.
Fixed versions are indicated in information sources.
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

Computer vulnerabilities tracking service 

Vigil@nce provides applications vulnerabilities announces. The Vigil@nce vulnerability database contains several thousand vulnerabilities.