IBM DB2¸ßΣ·ì϶°²È«¹«¸æ

°ä²¼¹¦·ò 2018-09-25

·ì϶±àºÅºÍ¼¶±ð


CVE±àºÅ£ºCVE-2018-1710£¬ £¬£¬£¬£¬£¬£¬£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬ £¬£¬£¬£¬£¬£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ8.4£¬ £¬£¬£¬£¬£¬£¬£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2018-1711£¬ £¬£¬£¬£¬£¬£¬£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬ £¬£¬£¬£¬£¬£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ8.4£¬ £¬£¬£¬£¬£¬£¬£¬¹Ù·½Î´ÆÀ¶¨


Ó°Ïì°æ±¾


IBM DB2 9.7°æ±¾£¬ £¬£¬£¬£¬£¬£¬£¬10.1°æ±¾£¬ £¬£¬£¬£¬£¬£¬£¬10.5°æ±¾£¬ £¬£¬£¬£¬£¬£¬£¬11.1°æ±¾


·ì϶¸ÅÊö


IBM DB2ÊÇÃÀ¹úIBM¹«Ë¾µÄÒ»Ì×¹ØϵÐÍÊý¾Ý¿âÖÎÀíϵͳ¡£¡£¡£¡£¡£¸ÃϵͳµÄÖ´Ðл·¾³ÖØÒªÓÐUNIX¡¢Linux¡¢IBM i¡¢z/OSÒÔ¼°Windows·þÎñÆ÷°æ±¾¡£¡£¡£¡£¡£ 
CVE-2018-1710£ºIBM DB2£¨Ô̺¬DB2 Connect Server£©Öеġ®db2licm¡¯¹¤¾ß´æÔÚ»º³åÇøÒç¶Âí½Å¡£¡£¡£¡£¡£¹¥»÷Õß¿ÉÀûÓø÷ì϶ִÐÐËÁÒâ´úÂë¡£¡£¡£¡£¡£

 CVE-2018-1711£ºIBM DB2£¨Ô̺¬DB2 Connect Server£©ÖеÄAdministrative Task Scheduler (ATS)´æÔÚÌáȨ·ì϶¡£¡£¡£¡£¡£¹¥»÷Õß¿ÉÀûÓø÷ì϶Åú¸ÄATSʹÓõĽÚÔì±í£¬ £¬£¬£¬£¬£¬£¬£¬½ø¶øδÊÚȨ½Ó¼ûÓû§Êý¾Ý¡£¡£¡£¡£¡£


·ì϶ÑéÖ¤


ÔÝÎÞPOC\EXP


½¨¸´½¨Òé


Ä¿Ç°³§ÉÌÒÑ°ä²¼Éý¼¶²¹¶¡ÒÔ½¨¸´·ì϶£¬ £¬£¬£¬£¬£¬£¬£¬²¹¶¡»ñÈ¡Á´½Ó£º
CVE-2018-1710
https://www-01.ibm.com/support/docview.wss?uid=ibm10729981
CVE-2018-1711

https://www-01.ibm.com/support/docview.wss?uid=ibm10729983


²Î¿¼Á´½Ó


https://exchange.xforce.ibmcloud.com/vulnerabilities/146364
https://exchange.xforce.ibmcloud.com/vulnerabilities/146369