First published: Sat Oct 07 2023(Updated: )
Backup, Recovery, and Media Services (BRMS) for IBM i contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain component access to the host operating system.
Credit: psirt@us.ibm.com psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
IBM i | <=7.4 | |
IBM i | <=7.3 | |
IBM i | <=7.2 | |
IBM i | =7.2 | |
IBM i | =7.3 | |
IBM i | =7.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2023-40377.
The severity of CVE-2023-40377 is medium (4.9).
The affected software is Backup, Recovery, and Media Services (BRMS) for IBM i versions 7.2, 7.3, and 7.4.
This vulnerability allows a malicious actor with command line access to the host operating system to elevate privileges and gain component access to the host operating system.
You can find more information about CVE-2023-40377 on the IBM X-Force Exchange website and the IBM support pages.