IBM DB2¸ßΣÎó²îÇ徲ͨ¸æ

Ðû²¼Ê±¼ä 2018-09-25

Îó²î±àºÅºÍ¼¶±ð


CVE±àºÅ£ºCVE-2018-1710£¬£¬£¬ £¬£¬£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬£¬£¬ £¬£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ8.4£¬£¬£¬ £¬£¬£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2018-1711£¬£¬£¬ £¬£¬£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬£¬£¬ £¬£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ8.4£¬£¬£¬ £¬£¬£¬¹Ù·½Î´ÆÀ¶¨


Ó°Ïì°æ±¾


IBM DB2 9.7°æ±¾£¬£¬£¬ £¬£¬£¬10.1°æ±¾£¬£¬£¬ £¬£¬£¬10.5°æ±¾£¬£¬£¬ £¬£¬£¬11.1°æ±¾


Îó²î¸ÅÊö


IBM DB2ÊÇÃÀ¹úIBM¹«Ë¾µÄÒ»Ì×¹ØϵÐÍÊý¾Ý¿âÖÎÀíϵͳ¡£¡£¸ÃϵͳµÄÖ´ÐÐÇéÐÎÖ÷ÒªÓÐUNIX¡¢Linux¡¢IBM i¡¢z/OSÒÔ¼°WindowsЧÀÍÆ÷°æ±¾¡£¡£ 
CVE-2018-1710£ºIBM DB2£¨°üÀ¨DB2 Connect Server£©Öеġ®db2licm¡¯¹¤¾ß±£´æ»º³åÇøÒç³öÎó²î¡£¡£¹¥»÷Õß¿ÉʹÓøÃÎó²îÖ´ÐÐí§Òâ´úÂë¡£¡£

 CVE-2018-1711£ºIBM DB2£¨°üÀ¨DB2 Connect Server£©ÖеÄAdministrative Task Scheduler (ATS)±£´æÌáȨÎó²î¡£¡£¹¥»÷Õß¿ÉʹÓøÃÎó²îÐÞ¸ÄATSʹÓõĿØÖƱí£¬£¬£¬ £¬£¬£¬½ø¶øδÊÚȨ»á¼ûÓû§Êý¾Ý¡£¡£


Îó²îÑéÖ¤


ÔÝÎÞPOC\EXP


ÐÞ¸´½¨Òé


ÏÖÔÚ³§ÉÌÒÑÐû²¼Éý¼¶²¹¶¡ÒÔÐÞ¸´Îó²î£¬£¬£¬ £¬£¬£¬²¹¶¡»ñÈ¡Á´½Ó£º
CVE-2018-1710
https://www-01.ibm.com/support/docview.wss?uid=ibm10729981
CVE-2018-1711

https://www-01.ibm.com/support/docview.wss?uid=ibm10729983


²Î¿¼Á´½Ó


https://exchange.xforce.ibmcloud.com/vulnerabilities/146364
https://exchange.xforce.ibmcloud.com/vulnerabilities/146369