Multiple vulnerabilities in IBM DB2 (CVSS Base Score 7.8) can be exploited to cause a denial of service or execute arbitrary code. The advisory lists affected products including IBM DB2 Big SQL, IBM License Metric Tool, and several versions of IBM Security Guardium Key Lifecycle Manager, but specific version ranges for DB2 itself are not provided. Mitigations are available, and administrators should apply the referenced updates from IBM.
[WID-SEC-2025-1675] IBM DB2: Mehrere Schwachstellen CVSS Base Score 7.8 (hoch) CVSS Temporal Score 6.8 (mittel) Remoteangriff nein Datum 29.07.2025 Stand UPDATE 28.04.2026 Mitigation ja Betroffene Systeme Betriebssystem Linux Sonstiges UNIX Windows Produktbeschreibung IBM DB2 ist ein relationales Datenbanksystem (RDBS) von IBM. Produkte UPDATE 27.04.2026 IBM License Metric Tool UPDATE 22.01.2026 IBM DB2 Big SQL UPDATE 26.10.2025 IBM Tivoli Business Service Manager 6.2.0 HCL Commerce UPDATE 13.08.2025 IBM Security Guardium Key Lifecycle Manager 4.1 IBM Security Guardium Key Lifecycle Manager 4.2 IBM Security Guardium Key Lifecycle Manager 4.1.1 IBM Security Guardium Key Lifecycle Manager 4.2.1 IBM Security Guardium Key Lifecycle Manager 5.0 29.07.2025 IBM DB2 Angriff Angriff Ein Angreifer kann mehrere Schwachstellen in IBM DB2 ausnutzen, um einen Denial of Service Angriff durchzufĂĽhren, und um beliebigen Programmcode auszufĂĽhren. CVE Informationen Versionshistorie Feedback zum Advisory geben