CNNVD-202511-788 Information
CNNVD ID
CNNVD-202511-788
Related CVE
- CNNVD Published: 2025-11-07
Description (Chinese)
IBM Db2是美国国际商业机器(IBM)公司的一套关系型数据库管理系统。该系统的执行环境主要有UNIX、Linux、IBMi、z/OS以及Windows服务器版本。 IBM Db2 11.1.4.7及之前版本、11.5.9及之前版本和12.1.3及之前版本存在安全漏洞,该漏洞源于clpplus命令暴露用户凭据,可能导致第三方通过物理访问获取凭据。
Description (English)
IBM Db2 is a relationship database management system for the United States International Business Machinery (IBM). The implementation environment for the system is mainly UNIX, Linux, IBMi, z/OS and Windows server versions. IBM Db2 11.1.4.7 and previous, 11.5.9 and previous and 12.1.3 and previous versions have a security loophole, which stems from clpplus commands that expose user evidence and may lead third parties to obtain it through physical access.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
国际商业机器
Published
2025-11-07
Last Modified
2026-02-24
References
https://www.ibm.com/support/pages/node/7250484 https://access.redhat.com/security/cve/cve-2025-36131
Patch
https://www.ibm.com/support/pages/node/7250484
Share on: