Rewterz Threat Alert – DarkSide: New targeted ransomware attacking organizations
August 24, 2020Rewterz Threat Advisory – CVE-2020-7710 – Node.js safe-eval module command execution
August 25, 2020Rewterz Threat Alert – DarkSide: New targeted ransomware attacking organizations
August 24, 2020Rewterz Threat Advisory – CVE-2020-7710 – Node.js safe-eval module command execution
August 25, 2020Severity
Medium
Analysis Summary
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) could allow a local attacker to perform unauthorized actions on the system, caused by improper usage of shared memory. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service.
Impact
- Information disclosure
- Denial of service
Affected Vendors
IBM
Affected Products
- IBM Db2 V9.7
- V10.1
- V10.5
- V11.1
- V11.5
Remediation
Users are advised to update to fixed versions.