First published: Sun Jul 16 2023(Updated: )
IBM Performance Tools for i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain all object access to the host operating system. IBM X-Force ID: 254017.
Credit: psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
IBM iSeries AS/400 | =7.2 | |
IBM iSeries AS/400 | =7.3 | |
IBM iSeries AS/400 | =7.4 | |
IBM iSeries AS/400 | =7.5 | |
IBM iSeries AS/400 | <=7.5 | |
IBM iSeries AS/400 | <=7.4 | |
IBM iSeries AS/400 | <=7.3 | |
IBM iSeries AS/400 | <=7.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-30989 is a local privilege escalation vulnerability in IBM Performance Tools for i.
CVE-2023-30989 allows a malicious actor with command line access to the host operating system to elevate privileges and gain all object access to the host operating system.
IBM Performance Tools for i versions 7.2, 7.3, 7.4, and 7.5 are affected by CVE-2023-30989.
CVE-2023-30989 has a severity rating of 8.4 (High).
To fix CVE-2023-30989, it is recommended to apply the necessary updates or patches provided by IBM.