Rewterz Threat Advisory – CVE-2020-4414 – Memory leak in IBM DB2

Rewterz Threat Alert – DarkSide: New targeted ransomware attacking organizations

August 24, 2020

Rewterz Threat Advisory – CVE-2020-7710 – Node.js safe-eval module command execution

August 25, 2020

Rewterz Threat Advisory – CVE-2020-4414 – Memory leak in IBM DB2

Severity

Medium

Analysis Summary

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) could allow a local attacker to perform unauthorized actions on the system, caused by improper usage of shared memory. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service.

Impact

Information disclosure
Denial of service

Affected Vendors

IBM

Affected Products

IBM Db2 V9.7
V10.1
V10.5
V11.1
V11.5

Remediation

Users are advised to update to fixed versions.

Rewterz Threat Alert – DarkSide: New targeted ransomware attacking organizations

Rewterz Threat Advisory – CVE-2020-7710 – Node.js safe-eval module command execution

Rewterz Threat Advisory – CVE-2020-4414 – Memory leak in IBM DB2

Severity

Analysis Summary

Impact

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan