What is the vulnerability ID for this vulnerability?

The vulnerability ID for this vulnerability is CVE-2020-5024.

What is the severity of CVE-2020-5024?

The severity of CVE-2020-5024 is high with a CVSS score of 7.5.

Which versions of IBM DB2 are affected by CVE-2020-5024?

The versions affected by CVE-2020-5024 include IBM DB2 9.7, 10.1, 10.5, 11.1, and 11.5.

What is the IBM X-Force ID associated with CVE-2020-5024?

The IBM X-Force ID associated with CVE-2020-5024 is 193660.

Vulnerability/
CVE-2020-5024

high

7.5

10/3/2021

4/8/2024

CVE-2020-5024

Q: How does CVE-2020-5024 impact IBM DB2?

CVE-2020-5024 could allow an unauthenticated attacker to cause a denial of service due to a hang in the SSL handshake response.

First published: Wed Mar 10 2021(Updated: )

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow an unauthenticated attacker to cause a denial of service due a hang in the SSL handshake response. IBM X-Force ID: 193660.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM DB2 Universal Database	>=11.1.0.0<11.1.4.6
IBM DB2 Universal Database	>=11.5<11.5.5.0
IBM DB2 Universal Database	=9.7
IBM DB2 Universal Database	=9.7-fp1
IBM DB2 Universal Database	=9.7-fp10
IBM DB2 Universal Database	=9.7-fp2
IBM DB2 Universal Database	=9.7-fp3
IBM DB2 Universal Database	=9.7-fp3a
IBM DB2 Universal Database	=9.7-fp4
IBM DB2 Universal Database	=9.7-fp5
IBM DB2 Universal Database	=9.7-fp6
IBM DB2 Universal Database	=9.7-fp7
IBM DB2 Universal Database	=9.7-fp8
IBM DB2 Universal Database	=9.7-fp9
IBM DB2 Universal Database	=9.7-fp9a
IBM DB2 Universal Database	=10.1
IBM DB2 Universal Database	=10.1-fp1
IBM DB2 Universal Database	=10.1-fp2
IBM DB2 Universal Database	=10.1-fp3
IBM DB2 Universal Database	=10.1-fp3a
IBM DB2 Universal Database	=10.1-fp4
IBM DB2 Universal Database	=10.1-fp5
IBM DB2 Universal Database	=10.5
IBM DB2 Universal Database	=10.5-fp1
IBM DB2 Universal Database	=10.5-fp2
IBM DB2 Universal Database	=10.5-fp3
IBM DB2 Universal Database	=10.5-fp3a
IBM DB2 Universal Database	=10.5-fp4
IBM DB2 Universal Database	=10.5-fp5
IBM DB2 Universal Database	=10.5-fp6
IBM DB2 Universal Database	=10.5-fp7
IBM DB2 Universal Database	=10.5-fp8
IBM DB2 Universal Database	=10.5-fp9
Linux Kernel
Microsoft Windows Operating System
NetApp OnCommand Insight

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

IBM-6427861

Frequently Asked Questions

What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2020-5024.
What is the severity of CVE-2020-5024?
The severity of CVE-2020-5024 is high with a CVSS score of 7.5.
Which versions of IBM DB2 are affected by CVE-2020-5024?
The versions affected by CVE-2020-5024 include IBM DB2 9.7, 10.1, 10.5, 11.1, and 11.5.
How does CVE-2020-5024 impact IBM DB2?
CVE-2020-5024 could allow an unauthenticated attacker to cause a denial of service due to a hang in the SSL handshake response.
What is the IBM X-Force ID associated with CVE-2020-5024?
The IBM X-Force ID associated with CVE-2020-5024 is 193660.

agent/type
collector/mitre-cve
source/MITRE
collector/ibm-support
source/IBM
agent/last-modified-date
agent/author
agent/severity
agent/references
agent/description
agent/event
agent/first-publish-date
agent/trending
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/ibm
canonical/ibm db2 universal database
version/ibm db2 universal database/11.1.0.0
version/ibm db2 universal database/11.5
version/ibm db2 universal database/9.7
version/ibm db2 universal database/9.7-fp1
version/ibm db2 universal database/9.7-fp10
version/ibm db2 universal database/9.7-fp2
version/ibm db2 universal database/9.7-fp3
version/ibm db2 universal database/9.7-fp3a
version/ibm db2 universal database/9.7-fp4
version/ibm db2 universal database/9.7-fp5
version/ibm db2 universal database/9.7-fp6
version/ibm db2 universal database/9.7-fp7
version/ibm db2 universal database/9.7-fp8
version/ibm db2 universal database/9.7-fp9
version/ibm db2 universal database/9.7-fp9a
version/ibm db2 universal database/10.1
version/ibm db2 universal database/10.1-fp1
version/ibm db2 universal database/10.1-fp2
version/ibm db2 universal database/10.1-fp3
version/ibm db2 universal database/10.1-fp3a
version/ibm db2 universal database/10.1-fp4
version/ibm db2 universal database/10.1-fp5
version/ibm db2 universal database/10.5
version/ibm db2 universal database/10.5-fp1
version/ibm db2 universal database/10.5-fp2
version/ibm db2 universal database/10.5-fp3
version/ibm db2 universal database/10.5-fp3a
version/ibm db2 universal database/10.5-fp4
version/ibm db2 universal database/10.5-fp5
version/ibm db2 universal database/10.5-fp6
version/ibm db2 universal database/10.5-fp7
version/ibm db2 universal database/10.5-fp8
version/ibm db2 universal database/10.5-fp9
vendor/linux
canonical/linux kernel
vendor/microsoft
canonical/microsoft windows operating system
vendor/netapp
canonical/netapp oncommand insight

CVE-2020-5024

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

Frequently Asked Questions

What is the vulnerability ID for this vulnerability?

What is the severity of CVE-2020-5024?

Which versions of IBM DB2 are affected by CVE-2020-5024?

How does CVE-2020-5024 impact IBM DB2?

What is the IBM X-Force ID associated with CVE-2020-5024?

Company

Resources

Contact