Detections
Analytics
1.1.1 Install Available Updates
Information
The Db2 product is identified by a <Version>.<Release>.<Modpack>.<Fixpack> scheme. For example, 12.1.2.0 refers to version 12, release 1, modpack 2 fixpack 0. Modification packs contain new features as well as defect fixes and are indicated by a change in the modification and fix pack numbers in the product identifier. Fix packs contain only defect fixes and are indicated by a change in just the fix pack number in the product identifier (e.g. Db2 12.1.2.3 would be fix pack 3 for Db2 12.1 mod 2). Cumulative service builds (CSBs) contain fixes made available since the last modification or fix pack released and are identified by an special_NNNNN suffix, where NNNNN is the number of the CSB.Periodically, IBM releases updates for its Db2 12.1 products in the form of modification packs, fix packs, and cumulative service builds. All updates are cumulative and contain the contents of the previous updates provided.
It is recommended that you review the available updates for Db2 12.1 on a regular and frequent basis and, optionally, subscribe for notification of critical Db2 fixes.
Rationale:
Being aware of the available updates and critical fixes helps you evaluate which Db2 update is the minimum level that you should use for your next system update. It will also help you understand the relative urgency of acquiring the latest Db2 fix pack to help protect the database from known vulnerabilities and reduce downtime that may otherwise result from functional defects.
NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
Apply the latest fix pack as offered from IBM.See Also
Item Details
Audit Name: CIS IBM DB2 12.1 v1.0.0 Database Level 1
Category: RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY
References: 800-53|RA-5, 800-53|SI-2, 800-53|SI-2(2), CSCv7|3.5
Plugin: IBM_DB2DB
Control ID: 486038b7c0bfdbdad95e227fb7dd0ae612adb6c0aca852b1ab940587c8f8fdf2