CNNVD-202507-3028 Information

CNNVD ID

CNNVD-202507-3028

Related CVE

CVE-2025-36117

• CNNVD Published: 2025-07-23

Description (Chinese)

IBM Db2 Mirror for i是美国国际商业机器（IBM）公司的一个确保关键数据库系统的高可用性、数据一致性和灾难恢复能力的软件。 IBM Db2 Mirror for i 7.4版本和7.5版本和7.6版本存在授权问题漏洞，该漏洞源于未禁止使用后的会话ID，可能导致用户冒充。

Description (English)

IBM Db2 Mirror for i is a software for the United States International Business Machine (IBM) that ensures high availability, data consistency and disaster recovery capabilities for key database systems. The IBM Db2 Mirror for i 7.4 and 7.5 and 7.6 had a mandate gap, which stemmed from a non-prohibited session ID and could lead to an impersonation by users.

Hazard Level

High

Vulnerability Type

授权问题

Affected Vendor

国际商业机器

Published

2025-07-23

Last Modified

2026-02-24

References

https://www.ibm.com/support/pages/node/7240351

Patch

https://www.ibm.com/support/pages/node/7240351