Information
The SYSIBM.SYSPLAN table contains the names of all packages created in the database instance. It is recommended that the PUBLIC role be restricted from accessing this table.
Rationale:
The names of packages created in the database can be used as an entry point if a vulnerable package exists.
Solution
Perform the following to revoke access from PUBLIC.
Connect to the Db2 database.
db2 => connect to <dbname>
Run the following command:
db2 => REVOKE SELECT ON SYSIBM.SYSPLAN FROM PUBLIC