← back
CVE-2020-4135

CVE-2020-4135

CVSS 7.5 HIGHEPSS 2.9%
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7.5EPSS 2.9%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
19 Feb 2020Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow an unauthenticated user to send specially crafted packets to cause a denial of service from excessive memory usage.
CVSS:3.0/A:H/PR:N/AC:L/C:N/S:U/UI:N/AV:N/I:N/RC:C/RL:O/E:U
Affected products
IBM · DB2 for Linux- UNIX and Windows

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/173806https://security.netapp.com/advisory/ntap-20210108-0001/https://www.ibm.com/support/pages/node/2876307