CVE-2021-20373

Name of the Vulnerable Software and Affected Versions: IBM Db2 versions 9.7, 10.1, 10.5, 11.1, and 11.5

Description: The issue is related to an Information Disclosure when using the LOAD utility under certain circumstances where it does not enforce directory restrictions.

Recommendations: For IBM Db2 versions 9.7, 10.1, 10.5, 11.1, and 11.5, consider restricting access to the LOAD utility until a patch is available. As a temporary workaround, consider implementing additional directory restrictions to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.