CVE-2020-4945

Name of the Vulnerable Software and Affected Versions IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) version 11.5

Description The issue is related to improper group permissions, allowing an authenticated user to overwrite arbitrary files. This could potentially be exploited by a remote attacker to overwrite files.

Recommendations For IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) version 11.5, consider updating the permissions to prevent arbitrary file overwrites until a patch is available. As a temporary workaround, restrict access to sensitive files and directories to minimize the risk of exploitation.