Page 3 of 25 results (0.002 seconds)

CVSS: 8.4EPSS: 0%CPEs: 4EXPL: 0

The IBM i 7.2, 7.3, 7.4, and 7.5 product Facsimile Support for i contains a local privilege escalation vulnerability. A malicious actor could gain access to a command line with elevated privileges allowing root access to the host operating system. IBM X-Force ID: 262173. • https://exchange.xforce.ibmcloud.com/vulnerabilities/262173 https://www.ibm.com/support/pages/node/7023423 • CWE-269: Improper Privilege Management •

CVSS: 8.4EPSS: 0%CPEs: 4EXPL: 0

IBM Performance Tools for i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain all object access to the host operating system. IBM X-Force ID: 254017. • https://exchange.xforce.ibmcloud.com/vulnerabilities/254017 https://www.ibm.com/support/pages/node/7012353 • CWE-269: Improper Privilege Management •

CVSS: 8.4EPSS: 0%CPEs: 4EXPL: 0

The IBM i 7.2, 7.3, 7.4, and 7.5 product Facsimile Support for i contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain root access to the host operating system. IBM X-Force ID: 254016. • https://exchange.xforce.ibmcloud.com/vulnerabilities/254016 https://www.ibm.com/support/pages/node/7012355 • CWE-269: Improper Privilege Management •

CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0

IBM i 7.2, 7.3, 7.4, and 7.5 could allow a remote attacker to execute CL commands as QUSER, caused by an exploitation of DDM architecture. IBM X-Force ID: 254036. • https://exchange.xforce.ibmcloud.com/vulnerabilities/254036 https://www.ibm.com/support/pages/node/7008573 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0

IBM i 7.2, 7.3, 7.4, and 7.5 could allow an authenticated privileged administrator to gain elevated privileges in non-default configurations, as a result of improper SQL processing. By using a specially crafted SQL operation, the administrator could exploit the vulnerability to perform additional administrator operations. IBM X-Force ID: 244510. • https://exchange.xforce.ibmcloud.com/vulnerabilities/244510 https://www.ibm.com/support/pages/node/6987767 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •