CVE-2023-40375 – IBM i privilege escalation
https://notcve.org/view.php?id=CVE-2023-40375
Integrated application server for IBM i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain root access to the host operating system. IBM X-Force ID: 263580. El servidor de aplicaciones integrado para IBM i 7.2, 7.3, 7.4 y 7.5 contiene una vulnerabilidad de escalada de privilegios local. Un actor malintencionado con acceso a la línea de comandos del sistema operativo host puede elevar los privilegios para obtener acceso root al sistema operativo host. • https://https://exchange.xforce.ibmcloud.com/vulnerabilities/263580 https://www.ibm.com/support/pages/node/7038748 • CWE-269: Improper Privilege Management •
CVE-2023-38721 – IBM i privilege escalation
https://notcve.org/view.php?id=CVE-2023-38721
The IBM i 7.2, 7.3, 7.4, and 7.5 product Facsimile Support for i contains a local privilege escalation vulnerability. A malicious actor could gain access to a command line with elevated privileges allowing root access to the host operating system. IBM X-Force ID: 262173. • https://exchange.xforce.ibmcloud.com/vulnerabilities/262173 https://www.ibm.com/support/pages/node/7023423 • CWE-269: Improper Privilege Management •
CVE-2023-30989 – IBM i privilege escalation
https://notcve.org/view.php?id=CVE-2023-30989
IBM Performance Tools for i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain all object access to the host operating system. IBM X-Force ID: 254017. • https://exchange.xforce.ibmcloud.com/vulnerabilities/254017 https://www.ibm.com/support/pages/node/7012353 • CWE-269: Improper Privilege Management •
CVE-2023-30988 – IBM i privilege escalation
https://notcve.org/view.php?id=CVE-2023-30988
The IBM i 7.2, 7.3, 7.4, and 7.5 product Facsimile Support for i contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain root access to the host operating system. IBM X-Force ID: 254016. • https://exchange.xforce.ibmcloud.com/vulnerabilities/254016 https://www.ibm.com/support/pages/node/7012355 • CWE-269: Improper Privilege Management •
CVE-2023-30990 – IBM i command execution
https://notcve.org/view.php?id=CVE-2023-30990
IBM i 7.2, 7.3, 7.4, and 7.5 could allow a remote attacker to execute CL commands as QUSER, caused by an exploitation of DDM architecture. IBM X-Force ID: 254036. • https://exchange.xforce.ibmcloud.com/vulnerabilities/254036 https://www.ibm.com/support/pages/node/7008573 • CWE-94: Improper Control of Generation of Code ('Code Injection') •