CNNVD-202601-5020 Information
CNNVD ID
CNNVD-202601-5020
Related CVE
- CNNVD Published: 2026-01-30
Description (Chinese)
IBM Db2是美国国际商业机器(IBM)公司的一套关系型数据库管理系统。该系统的执行环境主要有UNIX、Linux、IBMi、z/OS以及Windows服务器版本。 IBM Db2 11.5.0版本至11.5.9版本和12.1.0版本至12.1.3版本存在安全漏洞,该漏洞源于启用RPSCAN功能时数据查询逻辑中对特殊元素中和不当,可能导致经过身份验证的用户发起拒绝服务攻击。
Description (English)
IBM Db2 is a relationship database management system for the United States International Business Machinery (IBM). The implementation environment for the system is mainly UNIX, Linux, IBMi, z/OS and Windows server versions. There is a security loophole between IBM Db2 11.5.0 to 11.5.9 and 12.1.0 to 12.1.3, which stems from the inappropriateness of the data search logic in special elements when the RPSCAN function is activated, which may lead to a denial of service attack by an identified user.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
国际商业机器
Published
2026-01-30
Last Modified
2026-02-24
References
https://www.ibm.com/support/pages/node/7257697 https://access.redhat.com/security/cve/cve-2025-36428
Patch
https://www.ibm.com/support/pages/node/7257697
Share on: