CVSS: 9.0EPSS: 3%CPEs: 2EXPL: 1CVE-2023-45185 – IBM i Access Client Solutions code execution
https://notcve.org/view.php?id=CVE-2023-45185
14 Dec 2023 — IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 could allow an attacker to execute remote code. Due to improper authority checks the attacker could perform operations on the PC under the user's authority. IBM X-Force ID: 268273. IBM i Access Client Solutions versiones 1.1.2 a 1.1.4 y 1.1.4.3 a 1.1.9.3 podrían permitir a un atacante ejecutar código remoto. Debido a controles de autoridad inadecuados, el atacante podría realizar operaciones en la PC bajo la autoridad del usuario.... • https://github.com/afine-com/CVE-2023-45185 • CWE-863: Incorrect Authorization •
CVSS: 7.4EPSS: 0%CPEs: 2EXPL: 1CVE-2023-45182 – IBM i Access Client Solutions information disclosure
https://notcve.org/view.php?id=CVE-2023-45182
14 Dec 2023 — IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 is vulnerable to having its key for an encrypted password decoded. By somehow gaining access to the encrypted password, a local attacker could exploit this vulnerability to obtain the password to other systems. IBM X-Force ID: 268265. IBM i Access Client Solutions 1.1.2 a 1.1.4 y 1.1.4.3 a 1.1.9.3 es vulnerable a que se decodifique su clave para una contraseña cifrada. Al obtener acceso de alguna manera a la contraseña cifrada, un... • https://github.com/afine-com/CVE-2023-45182 • CWE-922: Insecure Storage of Sensitive Information •
CVSS: 7.8EPSS: 6%CPEs: 2EXPL: 1CVE-2023-45184 – IBM i Access Client Solutions
https://notcve.org/view.php?id=CVE-2023-45184
14 Dec 2023 — IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 could allow an attacker to obtain a decryption key due to improper authority checks. IBM X-Force ID: 268270. IBM i Access Client Solutions versiones 1.1.2 a 1.1.4 y 1.1.4.3 a 1.1.9.3 podrían permitir a un atacante obtener una clave de descifrado debido a comprobaciones de autoridad inadecuadas. ID de IBM X-Force: 268270. • https://github.com/afine-com/CVE-2023-45184 • CWE-922: Insecure Storage of Sensitive Information •
CVSS: 8.4EPSS: 0%CPEs: 4EXPL: 0CVE-2023-42006 – IBM i information disclosure
https://notcve.org/view.php?id=CVE-2023-42006
01 Dec 2023 — IBM Administration Runtime Expert for i 7.2, 7.3, 7.4, and 7.5 could allow a local user to obtain sensitive information caused by improper authority checks. IBM X-Force ID: 265266. IBM Administration Runtime Expert para i 7.2, 7.3, 7.4 y 7.5 podría permitir a un usuario local obtener información confidencial causada por comprobaciones de autoridad inadecuadas. ID de IBM X-Force: 265266. • https://exchange.xforce.ibmcloud.com/vulnerabilities/265266 • CWE-863: Incorrect Authorization •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-40685 – IBM i privilege escalation
https://notcve.org/view.php?id=CVE-2023-40685
29 Oct 2023 — Management Central as part of IBM i 7.2, 7.3, 7.4, and 7.5 Navigator contains a local privilege escalation vulnerability. A malicious actor with command line access to the operating system can exploit this vulnerability to elevate privileges to gain root access to the operating system. IBM X-Force ID: 264116. Management Central como parte de IBM i 7.2, 7.3, 7.4 y 7.5 Navigator contiene una vulnerabilidad de escalada de privilegios local. Un actor malintencionado con acceso a la línea de comandos del sistema... • https://exchange.xforce.ibmcloud.com/vulnerabilities/264116 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-40686 – IBM i privilege escalation
https://notcve.org/view.php?id=CVE-2023-40686
29 Oct 2023 — Management Central as part of IBM i 7.2, 7.3, 7.4, and 7.5 Navigator contains a local privilege escalation vulnerability. A malicious actor with command line access to the operating system can exploit this vulnerability to elevate privileges to gain component access to the operating system. IBM X-Force ID: 264114. Management Central como parte de IBM i 7.2, 7.3, 7.4 y 7.5 Navigator contiene una vulnerabilidad de escalada de privilegios local. Un actor malintencionado con acceso a la línea de comandos del si... • https://exchange.xforce.ibmcloud.com/vulnerabilities/264114 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-40377 – IBM i privilege escalation
https://notcve.org/view.php?id=CVE-2023-40377
16 Oct 2023 — Backup, Recovery, and Media Services (BRMS) for IBM i 7.2, 7.3, and 7.4 contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain component access to the host operating system. IBM X-Force ID: 263583. Backup, Recovery, and Media Services (BRMS) para IBM i 7.2, 7.3 y 7.4 contiene una vulnerabilidad de escalada de privilegios local. Un actor malintencionado con acceso a la línea de comandos del sistema operativo ... • https://exchange.xforce.ibmcloud.com/vulnerabilities/263583 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-40378 – IBM i privilege escalation
https://notcve.org/view.php?id=CVE-2023-40378
15 Oct 2023 — IBM Directory Server for IBM i contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain component access to the host operating system. IBM X-Force ID: 263584. IBM Directory Server para IBM i contiene una vulnerabilidad de escalada de privilegios local. Un actor malintencionado con acceso a la línea de comandos del sistema operativo host puede elevar los privilegios para obtener acceso a los componentes del sis... • https://exchange.xforce.ibmcloud.com/vulnerabilities/263584 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-40375 – IBM i privilege escalation
https://notcve.org/view.php?id=CVE-2023-40375
28 Sep 2023 — Integrated application server for IBM i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain root access to the host operating system. IBM X-Force ID: 263580. El servidor de aplicaciones integrado para IBM i 7.2, 7.3, 7.4 y 7.5 contiene una vulnerabilidad de escalada de privilegios local. Un actor malintencionado con acceso a la línea de comandos del sistema operativo host puede elev... • https://https://exchange.xforce.ibmcloud.com/vulnerabilities/263580 • CWE-269: Improper Privilege Management •
CVSS: 8.4EPSS: 0%CPEs: 4EXPL: 0CVE-2023-38721 – IBM i privilege escalation
https://notcve.org/view.php?id=CVE-2023-38721
14 Aug 2023 — The IBM i 7.2, 7.3, 7.4, and 7.5 product Facsimile Support for i contains a local privilege escalation vulnerability. A malicious actor could gain access to a command line with elevated privileges allowing root access to the host operating system. IBM X-Force ID: 262173. • https://exchange.xforce.ibmcloud.com/vulnerabilities/262173 • CWE-269: Improper Privilege Management •