PT-2022-10868 · Ibm · Ibm I
Published
2022-01-13
·
Updated
2022-01-22
·
CVE-2021-39056
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
IBM i versions 7.1 through 7.4
Description
The Extended Dynamic Remote SQL server (EDRSQL) in IBM i could allow a remote authenticated user to send a specially crafted request and cause a denial of service.
Recommendations
For versions 7.1 through 7.4, consider restricting access to the EDRSQL server until a patch is available.
As a temporary workaround, consider disabling the EDRSQL service to minimize the risk of exploitation.
Restrict access to the EDRSQL server to only necessary users to reduce the attack surface.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Ibm I