CNNVD-202511-784 Information
CNNVD ID
CNNVD-202511-784
Related CVE
- CNNVD Published: 2025-11-07
Description (Chinese)
IBM Db2是美国国际商业机器(IBM)公司的一套关系型数据库管理系统。该系统的执行环境主要有UNIX、Linux、IBMi、z/OS以及Windows服务器版本。 IBM Db2 12.1.0版本至12.1.3版本存在安全漏洞,该漏洞源于特定配置下执行不必要的特权操作,可能导致本地用户执行恶意代码并提升权限至root。
Description (English)
IBM Db2 is a relationship database management system for the United States International Business Machinery (IBM). The implementation environment for the system is mainly UNIX, Linux, IBMi, z/OS and Windows server versions. There is a security loophole in IBM Db2 12.1.0 to 12.1.3, which stems from unnecessary privilege operations in a given configuration, which may lead to local users implementing malicious codes and increasing privileges to root.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
国际商业机器
Published
2025-11-07
Last Modified
2026-02-24
References
https://www.ibm.com/support/pages/node/7250486 https://access.redhat.com/security/cve/cve-2025-36186
Patch
https://www.ibm.com/support/pages/node/7250486
Share on: