CVE-2020-4701
CVE-2020-4701
Vexday Risk Score
21Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 8.4EPSS 0.5%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
19 nov 2020Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges.
CVSS:3.0/UI:N/PR:N/AC:L/I:H/A:H/S:U/AV:L/C:H/E:U/RC:C/RL:O
Productos afectados
IBM · DB2 for Linux, UNIX and Windows