cnvd - cnvd-2019-30149

CNVD-2019-30149

Vulnerability from cnvd - Published: 2019-09-04

Title

IBM DB2 High Performance Unload权限提升漏洞

Description

IBM DB2等都是美国IBM公司的产品。DB2是一套关系型数据库管理系统。Opera Software Opera等都是挪威欧朋（Opera Software）公司的产品。Opera是一款Web浏览器，IBM DB2是一套关系型数据库管理系统。 IBM DB2 High Performance Unload处理PATH存在权限提升漏洞，攻击者可利用该漏洞root用户身份执行任意代码。

Severity

高

Patch Name

IBM DB2 High Performance Unload权限提升漏洞的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://www-01.ibm.com/support/docview.wss?uid=ibm10964592

Reference

https://www-01.ibm.com/support/docview.wss?uid=ibm10964592

Impacted products

Name
['IBM DB2 High Performance Unload load for LUW 6.1', 'IBM DB2 High Performance Unload load for LUW 6.1.0.1', 'IBM DB2 High Performance Unload load for LUW 6.1.0.1 IF1', 'IBM DB2 High Performance Unload load for LUW 6.1.0.2', 'IBM DB2 High Performance Unload load for LUW 6.1.0.2 IF1', 'IBM DB2 High Performance Unload load for LUW 6.1.0.2 IF2']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-4448",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2019-4448"
    }
  },
  "description": "IBM DB2\u7b49\u90fd\u662f\u7f8e\u56fdIBM\u516c\u53f8\u7684\u4ea7\u54c1\u3002DB2\u662f\u4e00\u5957\u5173\u7cfb\u578b\u6570\u636e\u5e93\u7ba1\u7406\u7cfb\u7edf\u3002Opera Software Opera\u7b49\u90fd\u662f\u632a\u5a01\u6b27\u670b\uff08Opera Software\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Opera\u662f\u4e00\u6b3eWeb\u6d4f\u89c8\u5668\uff0cIBM DB2\u662f\u4e00\u5957\u5173\u7cfb\u578b\u6570\u636e\u5e93\u7ba1\u7406\u7cfb\u7edf\u3002\n\nIBM DB2 High Performance Unload\u5904\u7406PATH\u5b58\u5728\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1eroot\u7528\u6237\u8eab\u4efd\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
  "discovererName": "Rich Mirch",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www-01.ibm.com/support/docview.wss?uid=ibm10964592",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-30149",
  "openTime": "2019-09-04",
  "patchDescription": "IBM DB2\u7b49\u90fd\u662f\u7f8e\u56fdIBM\u516c\u53f8\u7684\u4ea7\u54c1\u3002DB2\u662f\u4e00\u5957\u5173\u7cfb\u578b\u6570\u636e\u5e93\u7ba1\u7406\u7cfb\u7edf\u3002Opera Software Opera\u7b49\u90fd\u662f\u632a\u5a01\u6b27\u670b\uff08Opera Software\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Opera\u662f\u4e00\u6b3eWeb\u6d4f\u89c8\u5668\uff0cIBM DB2\u662f\u4e00\u5957\u5173\u7cfb\u578b\u6570\u636e\u5e93\u7ba1\u7406\u7cfb\u7edf\u3002\r\n\r\nIBM DB2 High Performance Unload\u5904\u7406PATH\u5b58\u5728\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1eroot\u7528\u6237\u8eab\u4efd\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "IBM DB2 High Performance Unload\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "IBM DB2 High Performance Unload load for LUW 6.1",
      "IBM DB2 High Performance Unload load for LUW 6.1.0.1",
      "IBM DB2 High Performance Unload load for LUW 6.1.0.1 IF1",
      "IBM DB2 High Performance Unload load for LUW 6.1.0.2",
      "IBM DB2 High Performance Unload load for LUW 6.1.0.2 IF1",
      "IBM DB2 High Performance Unload load for LUW 6.1.0.2 IF2"
    ]
  },
  "referenceLink": "https://www-01.ibm.com/support/docview.wss?uid=ibm10964592",
  "serverity": "\u9ad8",
  "submitTime": "2019-08-30",
  "title": "IBM DB2 High Performance Unload\u6743\u9650\u63d0\u5347\u6f0f\u6d1e"
}

CVE-2019-4448 (GCVE-0-2019-4448)

Vulnerability from cvelistv5 – Published: 2019-08-26 14:40 – Updated: 2024-09-17 00:27

Summary

IBM DB2 High Performance Unload load for LUW 6.1, 6.1.0.1, 6.1.0.1 IF1, 6.1.0.2, 6.1.0.2 IF1, and 6.1.0.1 IF2 db2hpum and db2hpum_debug binaries are setuid root and have built-in options that allow an low privileged user the ability to load arbitrary db2 libraries from a privileged context. This results in arbitrary code being executed with root authority. IBM X-Force ID: 163489.

Severity ?

8.4 (High)


                        
                          CVSS:3.0/UI:N/S:U/AV:L/C:H/AC:L/A:H/PR:N/I:H/E:U/RC:C/RL:O

CWE

Gain Privileges

Assigner

ibm

References

URL

Tags

	http://www.ibm.com/support/docview.wss?uid=ibm10964592	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF

Impacted products

	Vendor	Product	Version
	IBM	DB2 High Performance Unload load for LUW	Affected: 6.1 Affected: 6.1.0.1 Affected: 6.1.0.1IF1 Affected: 6.1.0.2 Affected: 6.1.0.2IF1 Affected: 6.1.0.1IF2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T19:33:38.009Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=ibm10964592"
          },
          {
            "name": "ibm-db2-cve20194448-priv-escalation (163489)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/163489"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "DB2 High Performance Unload load for LUW",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "6.1.0.1"
            },
            {
              "status": "affected",
              "version": "6.1.0.1IF1"
            },
            {
              "status": "affected",
              "version": "6.1.0.2"
            },
            {
              "status": "affected",
              "version": "6.1.0.2IF1"
            },
            {
              "status": "affected",
              "version": "6.1.0.1IF2"
            }
          ]
        }
      ],
      "datePublic": "2019-08-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM DB2 High Performance Unload load for LUW 6.1, 6.1.0.1, 6.1.0.1 IF1, 6.1.0.2, 6.1.0.2 IF1, and 6.1.0.1 IF2 db2hpum and db2hpum_debug binaries are setuid root and have built-in options that allow an low privileged user the ability to load arbitrary db2 libraries from a privileged context. This results in arbitrary code being executed with root authority. IBM X-Force ID: 163489."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitCodeMaturity": "UNPROVEN",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "remediationLevel": "OFFICIAL_FIX",
            "reportConfidence": "CONFIRMED",
            "scope": "UNCHANGED",
            "temporalScore": 7.3,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/UI:N/S:U/AV:L/C:H/AC:L/A:H/PR:N/I:H/E:U/RC:C/RL:O",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Gain Privileges",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-08-26T14:40:14",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=ibm10964592"
        },
        {
          "name": "ibm-db2-cve20194448-priv-escalation (163489)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/163489"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "DATE_PUBLIC": "2019-08-21T00:00:00",
          "ID": "CVE-2019-4448",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "DB2 High Performance Unload load for LUW",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "6.1"
                          },
                          {
                            "version_value": "6.1.0.1"
                          },
                          {
                            "version_value": "6.1.0.1IF1"
                          },
                          {
                            "version_value": "6.1.0.2"
                          },
                          {
                            "version_value": "6.1.0.2IF1"
                          },
                          {
                            "version_value": "6.1.0.1IF2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "IBM"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM DB2 High Performance Unload load for LUW 6.1, 6.1.0.1, 6.1.0.1 IF1, 6.1.0.2, 6.1.0.2 IF1, and 6.1.0.1 IF2 db2hpum and db2hpum_debug binaries are setuid root and have built-in options that allow an low privileged user the ability to load arbitrary db2 libraries from a privileged context. This results in arbitrary code being executed with root authority. IBM X-Force ID: 163489."
            }
          ]
        },
        "impact": {
          "cvssv3": {
            "BM": {
              "A": "H",
              "AC": "L",
              "AV": "L",
              "C": "H",
              "I": "H",
              "PR": "N",
              "S": "U",
              "UI": "N"
            },
            "TM": {
              "E": "U",
              "RC": "C",
              "RL": "O"
            }
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Gain Privileges"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=ibm10964592",
              "refsource": "CONFIRM",
              "title": "IBM Security Bulletin 964592 (DB2 High Performance Unload load for LUW)",
              "url": "http://www.ibm.com/support/docview.wss?uid=ibm10964592"
            },
            {
              "name": "ibm-db2-cve20194448-priv-escalation (163489)",
              "refsource": "XF",
              "title": "X-Force Vulnerability Report",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/163489"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2019-4448",
    "datePublished": "2019-08-26T14:40:14.962294Z",
    "dateReserved": "2019-01-03T00:00:00",
    "dateUpdated": "2024-09-17T00:27:01.106Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2019-30149

CVE-2019-4448 (GCVE-0-2019-4448)

Tags

Sightings

Nomenclature