Latest ibm i Vulnerabilities

IBM-7149672
IBM i<=7.5
IBM i<=7.4
IBM i<=7.3
IBM i<=7.2
CVE-2024-25050
IBM i privilege escalation
IBM i<=7.5
IBM i<=7.4
IBM i<=7.3
IBM i<=7.2
IBM-7140499
IBM i<=7.5
IBM i<=7.4
IBM i<=7.3
IBM i<=7.2
CVE-2024-22346
IBM i privilege escalation
IBM i<=7.5
IBM i<=7.4
IBM i<=7.3
IBM i<=7.2
IBM i=7.2
IBM i=7.3
and 2 more
CVE-2023-43064
IBM i code execution
<=7.5
<=7.4
<=7.3
<=7.2
=7.2
=7.3
and 2 more
IBM-7101330
<=7.5
<=7.4
<=7.3
<=7.2
IBM-7097785
IBM i<=7.5
IBM i<=7.4
IBM i<=7.3
CVE-2023-47741
IBM i information disclosure
IBM i<=7.5
IBM i<=7.4
IBM i<=7.3
IBM Db2 Mirror for i=7.4
IBM Db2 Mirror for i=7.5
IBM i=7.3
and 2 more
CVE-2023-42006
IBM i information disclosure
IBM Administration Runtime Expert for i<=7.5
IBM Administration Runtime Expert for i<=7.4
IBM Administration Runtime Expert for i<=7.3
IBM Administration Runtime Expert for i<=7.2
IBM i=7.2
IBM i=7.3
and 2 more
CVE-2023-40685
IBM i privilege escalation
IBM i=7.2
IBM i=7.3
IBM i=7.4
IBM i=7.5
IBM i<=7.5
IBM i<=7.4
and 2 more
CVE-2023-40686
IBM i privilege escalation
IBM i=7.2
IBM i=7.3
IBM i=7.4
IBM i=7.5
IBM i<=7.5
IBM i<=7.4
and 2 more
IBM-7060686
IBM i<=7.5
IBM i<=7.4
IBM i<=7.3
IBM i<=7.2
IBM-7048121
IBM i<=7.4
IBM i<=7.3
IBM i<=7.2
CVE-2023-40377
Backup, Recovery, and Media Services (BRMS) for IBM i contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileg...
IBM i<=7.4
IBM i<=7.3
IBM i<=7.2
IBM i=7.2
IBM i=7.3
IBM i=7.4
CVE-2023-40378
IBM Directory Server for IBM i contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain component ac...
IBM i=7.2
IBM i=7.3
IBM i=7.4
IBM i=7.5
IBM i<=7.5
IBM i<=7.4
and 2 more
IBM-7047240
IBM i<=7.5
IBM i<=7.4
IBM i<=7.3
IBM i<=7.2
IBM-7038748
IBM i<=7.5
IBM i<=7.4
IBM i<=7.3
IBM i<=7.2
CVE-2023-40375
Integrated application server for IBM i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate...
IBM i=7.2
IBM i=7.3
IBM i=7.4
IBM i=7.5
IBM i<=7.5
IBM i<=7.4
and 2 more
IBM-7023423
IBM i<=7.5
IBM i<=7.4
IBM i<=7.3
IBM i<=7.2
CVE-2023-38721
The IBM i 7.2, 7.3, 7.4, and 7.5 product Facsimile Support for i contains a local privilege escalation vulnerability. A malicious actor could gain access to a command line with elevated privileges a...
IBM i=7.2
IBM i=7.3
IBM i=7.4
IBM i=7.5
IBM i<=7.5
IBM i<=7.4
and 2 more
CVE-2023-28513
IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.3 CD and IBM MQ Appliance 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.2 LTS, under certain configurations, is vulnerable to a denial of service attack caus...
IBM MQ=9.0.0.0
IBM MQ=9.1.0.0
IBM MQ=9.2.0
IBM MQ=9.2.0
IBM MQ=9.3.0
IBM MQ=9.3.0
and 15 more
IBM-7012355
IBM i<=7.5
IBM i<=7.4
IBM i<=7.3
IBM i<=7.2
CVE-2023-30988
The IBM i 7.2, 7.3, 7.4, and 7.5 product Facsimile Support for i contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can eleva...
IBM i=7.2
IBM i=7.3
IBM i=7.4
IBM i=7.5
IBM i<=7.5
IBM i<=7.4
and 2 more
IBM-7012353
IBM i<=7.5
IBM i<=7.4
IBM i<=7.3
IBM i<=7.2
CVE-2023-30989
IBM Performance Tools for i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges ...
IBM i=7.2
IBM i=7.3
IBM i=7.4
IBM i=7.5
IBM i<=7.5
IBM i<=7.4
and 2 more
CVE-2023-30990
IBM i 7.2, 7.3, 7.4, and 7.5 could allow a remote attacker to execute CL commands as QUSER, caused by an exploitation of DDM architecture. IBM X-Force ID: 254036.
IBM i<=7.5
IBM i<=7.4
IBM i<=7.3
IBM i<=7.2
IBM i=7.2
IBM i=7.3
and 2 more
IBM-7008573
IBM i<=7.5
IBM i<=7.4
IBM i<=7.3
IBM i<=7.2
CVE-2023-28950
IBM MQ 8.0, 9.0, 9.1, 9.2, and 9.3 could disclose sensitive user information from a trace file if that functionality has been enabled. IBM X-Force ID: 251358.
IBM MQ=8.0.0.0
IBM MQ=9.0.0.0
IBM MQ=9.1.0.0
IBM MQ=9.2.0
IBM MQ=9.2.0
IBM MQ=9.3.0
and 7 more
CVE-2023-23470
IBM i 7.2, 7.3, 7.4, and 7.5 could allow an authenticated privileged administrator to gain elevated privileges in non-default configurations, as a result of improper SQL processing. By using a special...
IBM i<=7.2
IBM i<=7.3
IBM i<=7.4
IBM i<=7.5
IBM i=7.2
IBM i=7.3
and 6 more
CVE-2023-28514
IBM MQ 8.0, 9.0, and 9.1 could allow a local user to obtain sensitive credential information when a detailed technical error message is returned in a stack trace. IBM X-Force ID: 250398.
IBM MQ=8.0.0.0
IBM MQ=9.0.0.0
IBM MQ=9.1.0
IBM MQ=9.1.0.0
HP HP-UX
IBM AIX
and 8 more
CVE-2023-26283
IBM WebSphere Application Server 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality po...
Ibm Websphere Application Server<=9.0
Ibm Websphere Application Server=9.0
HP HP-UX
IBM AIX
IBM i
Ibm Z\/os
and 3 more
CVE-2022-42436
IBM MQ Managed File Transfer could allow a local user to obtain sensitive information from diagnostic files.
IBM MQ<=8.0
IBM MQ<=9.0 LTS
IBM MQ<=9.1 CD
IBM MQ<=9.1 LTS
IBM MQ<=9.2 CD
IBM MQ<=9.2 LTS
and 16 more
CVE-2023-23477
IBM WebSphere Application Server 8.5 and 9.0 traditional could allow a remote attacker to execute arbitrary code on the system with a specially crafted sequence of serialized objects. IBM X-Force ID: ...
Ibm Websphere Application Server<=9.0
Ibm Websphere Application Server<=8.5
Ibm Websphere Application Server=8.5
Ibm Websphere Application Server=9.0
HP HP-UX
IBM AIX
and 5 more
CVE-2022-43917
IBM WebSphere Application Server 8.5 and 9.0 traditional container uses weaker than expected cryptographic keys that could allow an attacker to decrypt sensitive information. This affects only the con...
IBM WebSphere Application Server - traditional container<=9.0
IBM WebSphere Application Server - traditional container<=8.5
Ibm Websphere Application Server=8.5
Ibm Websphere Application Server=9.0
HP HP-UX
IBM AIX
and 5 more
IBM-6850801
IBM i<=7.5
IBM i<=7.4
IBM i<=7.3
CVE-2022-43860
IBM Navigator for i 7.3, 7.4, and 7.5 could allow an authenticated user to obtain sensitive information they are authorized to but not while using this interface. By performing an SQL injection an at...
IBM i<=7.5
IBM i<=7.4
IBM i<=7.3
IBM i=7.3
IBM i=7.4
IBM i=7.5
CVE-2022-43857
IBM Navigator for i 7.3, 7.4 and 7.5 could allow an authenticated user to access IBM Navigator for i log files they are authorized to but not while using this interface. The remote authenticated user ...
IBM i=7.3
IBM i=7.4
IBM i=7.5
IBM i<=7.5
IBM i<=7.4
IBM i<=7.3
CVE-2022-43858
IBM Navigator for i 7.3, 7.4, and 7.5 could allow an authenticated user to access the file system and download files they are authorized to but not while using this interface. The remote authenticated...
IBM i=7.3
IBM i=7.4
IBM i=7.5
IBM i<=7.5
IBM i<=7.4
IBM i<=7.3
CVE-2022-43859
IBM Navigator for i 7.3, 7.4, and 7.5 could allow an authenticated user to obtain sensitive information for an object they are authorized to but not while using this interface. By performing a UNION b...
IBM i=7.3
IBM i=7.4
IBM i=7.5
IBM i<=7.5
IBM i<=7.4
IBM i<=7.3
CVE-2022-31772
IBM MQ 8.0, 9.0 LTS, 9.1 CD, 9.1 LTS, 9.2 CD, and 9.2 LTS could allow an authenticated and authorized user to cause a denial of service to the MQTT channels. IBM X-Force ID: 228335.
IBM MQ=8.0.0.0
IBM MQ=9.0.0.0
IBM MQ=9.1.0
IBM MQ=9.1.0.0
IBM MQ=9.2.0
IBM MQ=9.2.0
and 8 more
CVE-2022-40750
IBM WebSphere Application Server 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functio...
Ibm Websphere Application Server<=9.0
Ibm Websphere Application Server<=8.5
Ibm Websphere Application Server=8.5
Ibm Websphere Application Server=9.0
HP HP-UX
IBM AIX
and 5 more
CVE-2022-38712
"IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Web services could allow a man-in-the-middle attacker to conduct SOAPAction spoofing to execute unwanted or unauthorized operations. IBM X-Forc...
Ibm Websphere Application Server<=9.0
Ibm Websphere Application Server<=8.5
Ibm Websphere Application Server<=8.0
Ibm Websphere Application Server<=7.0
Ibm Websphere Application Server>=7.0.0.0<7.0.0.45
Ibm Websphere Application Server>=8.0.0.0<8.0.0.15
and 9 more
CVE-2022-22423
IBM Common Cryptographic Architecture (CCA) could allow a local user to cause a denial of service due to improper input validation.
IBM CCA 5.x MTM for 4767<=5.0.0 - 5.7.11
IBM CCA 7.x MTM for 4769<=7.0.0 - 7.3.43
IBM Common Cryptographic Architecture>=5.0.0<5.7.12
IBM AIX
IBM i
Linux Linux kernel
and 2 more
CVE-2022-34336
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intend...
Ibm Websphere Application Server<=9.0
Ibm Websphere Application Server<=8.5
Ibm Websphere Application Server<=8.0
Ibm Websphere Application Server<=7.0
Ibm Websphere Application Server=7.0
Ibm Websphere Application Server=8.0
and 9 more
CVE-2022-34165
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.9 are vulnerable to HTTP header injection, caused by improper validation. T...
IBM Security Verify Access Docker<=10.0.X
IBM Security Verify Access<=10.0.X
Ibm Websphere Application Server>=7.0.0.0<=7.0.0.45
Ibm Websphere Application Server>=8.0.0.0<=8.0.0.15
Ibm Websphere Application Server>=8.5.0.0<=8.5.5.22
Ibm Websphere Application Server>=9.0.0.0<=9.0.5.13
and 9 more
CVE-2022-22473
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to obtain sensitive information caused by improper handling of Administrative Console data. This information could...
Ibm Websphere Application Server<=9.0
Ibm Websphere Application Server<=8.5
Ibm Websphere Application Server<=8.0
Ibm Websphere Application Server<=7.0
Ibm Websphere Application Server>=7.0.0.0<=7.0.0.45
Ibm Websphere Application Server>=8.0.0.0<=8.0.0.15
and 9 more
CVE-2022-22477
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended function...
Ibm Websphere Application Server<=9.0
Ibm Websphere Application Server<=8.5
Ibm Websphere Application Server=8.5
Ibm Websphere Application Server=9.0
HP HP-UX
IBM AIX
and 5 more
CVE-2022-34358
IBM i is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credential...
IBM i<=7.5
IBM i<=7.4
IBM i<=7.3
IBM i<=7.2
IBM i=7.2
IBM i=7.3
and 3 more
IBM-6589203
IBM i<=7.5
IBM i<=7.4
IBM i<=7.3
CVE-2022-22495
IBM i 7.3, 7.4, and 7.5 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the ...
IBM i=7.3
IBM i=7.4
IBM i=7.5
IBM i
IBM i<=7.5
IBM i<=7.4
and 1 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203