IBM ϵÁвúÆ·¶à¸öÎó²îÇ徲ͨ¸æ

Ðû²¼Ê±¼ä 2019-07-05

Îó²î±àºÅºÍ¼¶±ð



CVE±àºÅ£ºCVE-2019-4087£¬£¬£¬£¬£¬£¬£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ£¬£¬£¬£¬£¬£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º9.8£¬£¬£¬£¬£¬£¬£¬¹Ù·½£º9.8
CVE±àºÅ£ºCVE-2019-4088£¬£¬£¬£¬£¬£¬£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬£¬£¬£¬£¬£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º7.4£¬£¬£¬£¬£¬£¬£¬¹Ù·½Î´ÆÀ¶¨
CVE±àºÅ£ºCVE-2019-4140£¬£¬£¬£¬£¬£¬£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬£¬£¬£¬£¬£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º6.3£¬£¬£¬£¬£¬£¬£¬¹Ù·½£º7.1
CVE±àºÅ£ºCVE-2019-4129£¬£¬£¬£¬£¬£¬£¬Î£ÏÕ¼¶±ð£ºÖÐΣ£¬£¬£¬£¬£¬£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º3.1£¬£¬£¬£¬£¬£¬£¬¹Ù·½£º5.3
CVE±àºÅ£ºCVE-2019-4292£¬£¬£¬£¬£¬£¬£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬£¬£¬£¬£¬£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º8.8£¬£¬£¬£¬£¬£¬£¬¹Ù·½£º8.8 
CVE±àºÅ£ºCVE-2019-4134£¬£¬£¬£¬£¬£¬£¬Î£ÏÕ¼¶±ð£ºÖÐΣ£¬£¬£¬£¬£¬£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º6.1£¬£¬£¬£¬£¬£¬£¬¹Ù·½£º6.1

CVE±àºÅ£ºCVE-2019-4260£¬£¬£¬£¬£¬£¬£¬Î£ÏÕ¼¶±ð£ºÖÐΣ£¬£¬£¬£¬£¬£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º5.3£¬£¬£¬£¬£¬£¬£¬¹Ù·½£º5.3



Ó°Ïì°æ±¾



ÊÜÓ°ÏìµÄ°æ±¾


CVE-2019-4087¡¢CVE-2019-4088¡¢CVE-2019-4140¡¢CVE-2019-4129£º

IBM Spectrum Protect
8.1.0.0 through 8.1.7.xxx
7.1.0.0 through 7.1.9.200
CVE-2019-4292£º
IBM Security Guardium 10.5
CVE-2019-4134£º
IBM Planning Analytics Local v2.0
CVE-2019-4260£º

Daeja ViewONE Virtual 5.0 - 5.0.5



Îó²î¸ÅÊö



IBMÅû¶ÁËÆäһϵÁвúÆ·Öжà¸öÒªº¦ºÍ¸ßÑÏÖØÐÔÎó²î£¬£¬£¬£¬£¬£¬£¬ÆäÖÐ×îÑÏÖصÄÎó²î±£´æÓÚIBM Spectrum Protect¹¤¾ßÖС£¡£¡£¡£IBM Spectrum Protect£¨Ç°³ÆTivoli Storage Manager£©ÊÇÃÀ¹úIBM¹«Ë¾µÄÒ»Ì×Êý¾Ý±£» £»£»£»¤Æ½Ì¨¡£¡£¡£¡£¸Ãƽ̨ΪÆóÒµÌṩ¼òµ¥¿ØÖƺÍÖÎÀíµã£¬£¬£¬£¬£¬£¬£¬²¢Ö§³Ö¶ÔËùÓйæÄ£µÄÐéÄâ¡¢ÎïÀíºÍÔÆÇéÐξÙÐб¸·ÝºÍ»Ö¸´¡£¡£¡£¡£¶à¸öÎó²îÈçÏ£º


CVE-2019-4087

IBM Spectrum Protect ServersºÍStorage AgentsÖб£´æ»º³åÇø¹ýʧÎó²î£¬£¬£¬£¬£¬£¬£¬¸ÃÎó²îÔ´ÓÚ³ÌÐòûÓÐÖ´ÐÐ׼ȷµÄ½çÏß¼ì²â¡£¡£¡£¡£Ô¶³Ì¹¥»÷Õß¿Éͨ¹ý·¢Ëͳ¬³¤µÄÇëÇóʹÓøÃÎó²îÔÚϵͳÉÏÖ´ÐÐí§Òâ´úÂë»òÔì³ÉЧÀÍÆ÷»òStorage AgentsÍ߽⡣¡£¡£¡£


CVE-2019-4088

IBM Spectrum Protect ServersºÍStorage AgentsÖб£´æÇå¾²Îó²î¡£¡£¡£¡£¹¥»÷Õ߿ɽèÖúÌØÖƵĿâʹÓøÃÎó²î»ñÈ¡ÌáÉýµÄȨÏÞ¡£¡£¡£¡£


CVE-2019-4140

IBM Spectrum ProtectÖб£´æÇå¾²Îó²î¡£¡£¡£¡£ÍâµØ¹¥»÷Õß¿ÉʹÓøÃÎó²î»Ö¸´¾ÉÊý¾ÝÀ´Ìæ»»ÏÖÓеÄÊý¾Ý¿â¡£¡£¡£¡£


CVE-2019-4129

IBM Spectrum Protect Operations CenterÖб£´æÇå¾²Îó²î£¬£¬£¬£¬£¬£¬£¬¸Ã¸ÃÎó²îÔ´ÓÚ¹ýʧÐÂÎÅÖаüÀ¨ÓÐÕ»¹ì¼£¡£¡£¡£¡£Ô¶³Ì¹¥»÷Õß¿ÉʹÓøÃÎó²î»ñÈ¡Operations Center¿ò¼ÜµÄÏêϸÐÅÏ¢¡£¡£¡£¡£


CVE-2019-4292

IBM Security GuardiumÊÇÃÀ¹úIBM¹«Ë¾µÄÒ»Ì×ÌṩÊý¾Ý±£» £»£»£»¤¹¦Ð§µÄƽ̨¡£¡£¡£¡£¸Ãƽ̨°üÀ¨×Ô½ç˵UI¡¢±¨¸æÖÎÀíºÍÁ÷Ïß»¯µÄÉó¼ÆÁ÷³Ì¹¹½¨µÈ¹¦Ð§¡£¡£¡£¡£IBM Security GuardiumÖб£´æÇå¾²Îó²î¡£¡£¡£¡£Ô¶³Ì¹¥»÷Õß¿ÉʹÓøÃÎó²îÉÏ´«í§ÒâÎļþ£¬£¬£¬£¬£¬£¬£¬Ö´ÐÐí§Òâ´úÂë¡£¡£¡£¡£


CVE-2019-4134

IBM Planning AnalyticsÊÇÃÀ¹úIBM¹«Ë¾µÄÒ»Ì×ÓªÒµÍýÏëÆÊÎö½â¾ö¼Æ»®¡£¡£¡£¡£¸Ã¼Æ»®Ö§³Ö×Ô¶¯»¯Ö´ÐÐÓªÒµÍýÏë¡¢Ô¤ËãºÍÆÊÎöµÈÁ÷³Ì¡£¡£¡£¡£IBM Planning AnalyticsÖб£´æ¿çÕ¾¾ç±¾Îó²î¡£¡£¡£¡£Ô¶³Ì¹¥»÷Õß¿ÉʹÓøÃÎó²îÔÚWeb UIÖÐ×¢Èëí§ÒâµÄJavaScript´úÂë¡£¡£¡£¡£


CVE-2019-4260

IBM Daeja ViewONE VirtualÊÇÃÀ¹úIBM¹«Ë¾µÄÒ»¿î»ùÓÚHTML5µÄÎĵµºÍͼÏñÉó²éÆ÷¡£¡£¡£¡£¸Ã²úÆ·Ö÷ÒªÓÃÓÚÉó²é¡¢×¢ÊͺʹòӡͼÏñºÍÎĵµ¡£¡£¡£¡£IBM Daeja ViewONE VirtualÖб£´æÇå¾²Îó²î¡£¡£¡£¡£¹¥»÷Õß¿ÉʹÓøÃÎó²îÏÂÔØí§ÒâЧÀÍÆ÷Îļþ¡£¡£¡£¡£



Îó²îÑéÖ¤



ÔÝÎÞPOC/EXP¡£¡£¡£¡£



ÐÞ¸´½¨Òé



ÏÖÔÚ³§ÉÌÒÑÐû²¼Éý¼¶²¹¶¡ÒÔÐÞ¸´Îó²î£¬£¬£¬£¬£¬£¬£¬²¹¶¡»ñÈ¡Á´½Ó¼û²Î¿¼Á´½Ó¡£¡£¡£¡£



²Î¿¼Á´½Ó



https://www-01.ibm.com/support/docview.wss?uid=ibm10882472
https://www-01.ibm.com/support/docview.wss?uid=ibm10883346
https://www-01.ibm.com/support/docview.wss?uid=ibm10883236
https://www-01.ibm.com/support/docview.wss?uid=ibm10888279
https://www-01.ibm.com/support/docview.wss?uid=ibm10886607
https://www-01.ibm.com/support/docview.wss?uid=ibm10884382