APAR Number: JR32273 Description: If the DB2 database server is configured to use LDAP-based authentication and group lookup functionality through the use of LDAP security plug-in modules (IBMLDAPauthserver) and the LDAP server is configured to allow anonymous binds, it is possible for an attacker to exploit the anonymous bind to connect to DB2 databases without a valid password. This problem is not applicable if the LDAP server does not allow anonymous bind. Problem Summary: Similar to the description, emphasizing unauthorized connections via anonymous binds. Problem Conclusion: Consult LDAP server administrator to prevent anonymous binds and download latest LDAP security plugins. Temporary Workaround: Same advice as the conclusion. Problem Status: Closed with a fix in error. 受影响的产品: DB2 Linux, Unix and Windows version 8.2.0.