CNNVD-202601-5031 Information
CNNVD ID
CNNVD-202601-5031
Related CVE
- CNNVD Published: 2026-01-30
Description (Chinese)
IBM Db2是美国国际商业机器(IBM)公司的一套关系型数据库管理系统。该系统的执行环境主要有UNIX、Linux、IBMi、z/OS以及Windows服务器版本。 IBM Db2 11.5.0版本至11.5.9版本和12.1.0版本至12.1.3版本存在安全漏洞,该漏洞源于在特定编目远程存储别名配置下,经过身份验证的用户可利用授权绕过漏洞执行未经授权的命令。
Description (English)
IBM Db2 is a relationship database management system for the United States International Business Machinery (IBM). The implementation environment for the system is mainly UNIX, Linux, IBMi, z/OS and Windows server versions. There is a security gap between IBM Db2 11.5.0 to 11.5.9 and 12.1.0 to 12.1.3, which arises from the fact that, under a specific catalogue configuration for remote storage of aliases, an authentication user can use the authorization to circumvent the loophole to execute unauthorized orders.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
国际商业机器
Published
2026-01-30
Last Modified
2026-02-24
References
https://www.ibm.com/support/pages/node/7257665 https://access.redhat.com/security/cve/cve-2025-36365
Patch
https://www.ibm.com/support/pages/node/7257665
Share on: