PT-2023-29449 · Ibm · Ibm I Access Client Solutions
Maksymilian Kubiak
+1
·
Published
2023-12-13
·
Updated
2023-12-19
·
CVE-2023-45184
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IBM i Access Client Solutions versions 1.1.2 through 1.1.4
IBM i Access Client Solutions versions 1.1.4.3 through 1.1.9.3
Description
The issue allows an attacker to obtain a decryption key due to improper authority checks.
Recommendations
For versions 1.1.2 through 1.1.4, update to a version outside of this range to resolve the issue.
For versions 1.1.4.3 through 1.1.9.3, update to a version outside of this range to resolve the issue.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Insecure Storage of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm I Access Client Solutions