IBM DB2¸ßΣÎó²îÇ徲ͨ¸æ

Ðû²¼Ê±¼ä 2018-09-25

Îó²î±àºÅºÍ¼¶±ð


CVE±àºÅ£ºCVE-2018-1710£¬£¬£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ8.4£¬£¬£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2018-1711£¬£¬£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ8.4£¬£¬£¬¹Ù·½Î´ÆÀ¶¨


Ó°Ïì°æ±¾


IBM DB2 9.7°æ±¾£¬£¬£¬10.1°æ±¾£¬£¬£¬10.5°æ±¾£¬£¬£¬11.1°æ±¾


Îó²î¸ÅÊö


IBM DB2ÊÇÃÀ¹úIBM¹«Ë¾µÄÒ»Ì×¹ØϵÐÍÊý¾Ý¿âÖÎÀíϵͳ¡£¡£¡£¸ÃϵͳµÄÖ´ÐÐÇéÐÎÖ÷ÒªÓÐUNIX¡¢Linux¡¢IBM i¡¢z/OSÒÔ¼°WindowsЧÀÍÆ÷°æ±¾¡£¡£¡£ 
CVE-2018-1710£ºIBM DB2£¨°üÀ¨DB2 Connect Server£©Öеġ®db2licm¡¯¹¤¾ß±£´æ»º³åÇøÒç³öÎó²î¡£¡£¡£¹¥»÷Õß¿ÉʹÓøÃÎó²îÖ´ÐÐí§Òâ´úÂë¡£¡£¡£

 CVE-2018-1711£ºIBM DB2£¨°üÀ¨DB2 Connect Server£©ÖеÄAdministrative Task Scheduler (ATS)±£´æÌáȨÎó²î¡£¡£¡£¹¥»÷Õß¿ÉʹÓøÃÎó²îÐÞ¸ÄATSʹÓõĿØÖƱí£¬£¬£¬½ø¶øδÊÚȨ»á¼ûÓû§Êý¾Ý¡£¡£¡£


Îó²îÑéÖ¤


ÔÝÎÞPOC\EXP


ÐÞ¸´½¨Òé


ÏÖÔÚ³§ÉÌÒÑÐû²¼Éý¼¶²¹¶¡ÒÔÐÞ¸´Îó²î£¬£¬£¬²¹¶¡»ñÈ¡Á´½Ó£º
CVE-2018-1710
https://www-01.ibm.com/support/docview.wss?uid=ibm10729981
CVE-2018-1711

https://www-01.ibm.com/support/docview.wss?uid=ibm10729983


²Î¿¼Á´½Ó


https://exchange.xforce.ibmcloud.com/vulnerabilities/146364
https://exchange.xforce.ibmcloud.com/vulnerabilities/146369