What is CVE-2021-20579?

CVE-2021-20579 affects multiple versions of IBM Db2, allowing users to potentially access sensitive information. Organizations must patch to mitigate this risk.

What is the severity of CVE-2021-20579?

CVE-2021-20579 has a severity rating of MEDIUM with a CVSS base score of 6.5.

CVE-2021-20579 | Medium Vulnerability in IBM Db2

CVE-2021-20579 is a medium-severity vulnerability in IBM Db2 for Linux, UNIX and Windows. This weakness could allow a user who is granted the ability to create a view or inline SQL function to obtain sensitive information when the AUTO_REVAL setting is configured to DEFFERED_FORCE. The CVSS score for this vulnerability is 6.5, indicating a moderate risk level that organizations should take seriously.

The vulnerability affects several versions of IBM Db2, including 9.7, 10.1, 10.5, 11.1, and 11.5. Given the potential for sensitive data exposure, organizations using affected versions should prioritize remediation efforts. The vulnerability was published on June 24, 2021, and has since been modified, reflecting ongoing assessments of its impact.

Risk to organizations includes unauthorized access to sensitive information, which could lead to compliance violations and reputational damage. As such, organizations should address this vulnerability in their priority patch cycle to mitigate potential risks.

Currently, there are no known public exploits associated with this vulnerability, which indicates a window of opportunity for organizations to apply patches and mitigate risks before any potential exploit emerges.

Vulnerability Details

The vulnerability allows users who can create views or inline SQL functions to potentially obtain sensitive information when the AUTO_REVAL setting is configured as DEFFERED_FORCE. The CVSS 3.1 vector is AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N, indicating a network attack vector with low complexity and low privileges required, while having a high confidentiality impact.

Technical Analysis

The root cause of this vulnerability lies in the improper handling of SQL functions and views when the AUTO_REVAL setting is configured incorrectly. Attackers may leverage this vulnerability by crafting SQL functions that exploit this misconfiguration. The attack vector is network-based, and the complexity is low, requiring only low privileges to exploit.

No user interaction is required for exploitation, which increases the potential risk. The vulnerability impacts the confidentiality of data, while integrity and availability impacts are not affected.

Risk & Impact Analysis

Organizations deploying affected versions of IBM Db2 face significant risks, including potential exposure of sensitive data. The blast radius could extend across entire organizational databases, particularly in environments where database views are widely used. The CVSS score of 6.5 suggests a medium urgency for action, meaning organizations should address this vulnerability as part of their regular patch management cycle.

With an EPSS score of 0.0027, the likelihood of exploitation in the wild is relatively low. However, given the potential impact of data exposure, organizations should not delay in implementing patches for this vulnerability.

Exploitation Status

Signal	Status
Known Exploit	No
Public PoC	No
Actively Exploited	No
Ransomware Use	No

Affected Versions

The vulnerable versions of IBM Db2 include 9.7, 10.1, 10.5, 11.1, and 11.5. Organizations should ensure that they have upgraded to the latest patched versions to mitigate this vulnerability.

Mitigation & Remediation

Organizations are encouraged to apply the latest patches provided by IBM to remediate this vulnerability. For more detailed guidance, consult the application security assessments that can help identify any additional vulnerabilities.

Detection Guidance

Monitoring logs for unusual access patterns can help detect potential exploitation of this vulnerability. Additionally, organizations should look for behavioral anomalies in SQL function executions that may indicate attempts to exploit this weakness.

AppSecure Threat Intelligence Insight

This vulnerability highlights the importance of secure database configurations and the need for continuous monitoring and auditing of database security settings. Security teams should adopt a proactive stance by implementing security best practices, such as regular security audits and assessments. For further reading, consider the following resources: penetration testing methodology, vulnerability management program design, and security testing best practices to strengthen defenses against vulnerabilities.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2021-20579: Medium Vulnerability in IBM Db2