IBM Security Bulletin: Privilege escalation vulnerability affects IBM® DB2® LUW (CVE-2017-1134)

May 3, 2017 10:00 am EDT

Categorized: High Severity

DB2 LUW is affected by a vulnerability in IBM Tivoli System Automation for Multiplatforms (TSAMP).

CVE(s): CVE-2017-1134

Affected product(s) and affected version(s):

All fix pack levels of IBM DB2 V10.1, V10.5 and V11.1 editions listed below and running on Linux and Solaris are affected.

IBM® DB2® Express Edition
IBM® DB2® Workgroup Server Edition
IBM® DB2® Enterprise Server Edition
IBM® DB2® Advanced Enterprise Server Edition
IBM® DB2® Advanced Workgroup Server Edition
IBM® DB2® Connect™ Application Server Edition
IBM® DB2® Connect™ Enterprise Edition
IBM® DB2® Connect™ Unlimited Edition for System i®
IBM® DB2® Connect™ Unlimited Edition for System z®

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2p5DFle
X-Force Database: http://ift.tt/2neBtr3

from IBM Product Security Incident Response Team http://ift.tt/2p5m9xy