CVE-2022-22481

Name of the Vulnerable Software and Affected Versions IBM Navigator for i versions 7.2 through 7.4

Description The issue allows a remote attacker to obtain access to the web interface without valid credentials by modifying the sign on request. This grants the attacker visibility to the fully qualified domain name of the target system and the navigator tasks page. However, the attacker does not gain the ability to perform tasks on the system or see any specific system data.

Recommendations For versions 7.2 through 7.4, update to a version that includes the fix for this issue to prevent unauthorized access to the web interface. At the moment, there is no information about a newer version that contains a fix for this vulnerability.