PT-2024-3865 · Microsoft+1 · Windows+1

Hyp3Rlinx +1 · Published 2024-02-08 · Updated 2024-09-20 · CVE-2024-22318

CVSS v3.1: 5.5 Medium

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions

IBM i Access Client Solutions versions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.4

Description

The issue is related to incorrect session management in IBM i Access Client Solutions, which can allow an attacker to intercept a user's session and disclose protected NT LAN Manager (NTLM) hash information. If NTLM is enabled, the Windows operating system will attempt to authenticate using the current user's session, potentially allowing a hostile server to capture the NTLM hash information and obtain the user's credentials. This is achieved by modifying UNC-capable paths within the ACS configuration files to point to a hostile server.

Recommendations

For IBM i Access Client Solutions versions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.4, consider disabling NTLM authentication or restricting access to UNC-capable paths within the ACS configuration files to minimize the risk of exploitation. As a temporary workaround, avoid using NTLM authentication until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
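
One way to audit for the condition described above, as an added example that is not part of the original advisory or of IBM's code: it scans a directory of configuration files for UNC paths and reports every host outside an allowlist. The directory location, the find_unc_references helper, the sample key names and the hosts are assumptions made for illustration.

```python
import re
import tempfile
from pathlib import Path

# Matches \\host\share and the doubled form \\\\host\\share used where
# backslashes are escaped. The lookbehind skips escaped local paths (C:\\dir).
UNC_RE = re.compile(r'(?<![:\w\\])\\{2,4}([\w.@-]+)\\{1,2}[^\\\s]+')

def find_unc_references(config_dir, allowed_hosts=()):
    """Return (file name, line number, host) for every UNC path whose
    host is not in allowed_hosts."""
    allowed = {h.lower() for h in allowed_hosts}
    findings = []
    for path in sorted(Path(config_dir).rglob("*")):
        if not path.is_file():
            continue
        try:
            text = path.read_text(encoding="utf-8", errors="replace")
        except OSError:
            continue  # unreadable file: skip rather than abort the audit
        for lineno, line in enumerate(text.splitlines(), 1):
            for match in UNC_RE.finditer(line):
                # Drop WebDAV-style suffixes such as host@SSL or host@8080.
                host = match.group(1).split("@")[0].lower()
                if host not in allowed:
                    findings.append((path.name, lineno, host))
    return findings

# Constructed sample; key names and hosts are hypothetical.
SAMPLE = r"""# constructed sample configuration
DataPath=\\\\fileserver01\\acs\\profiles
LogDir=C:\\Users\\alice\\logs
Import=\\\\203.0.113.50\\share\\cfg
Plain=\\files.example.com@SSL\dav\x
"""

def demo():
    # Write the constructed sample to a temporary directory and audit it.
    with tempfile.TemporaryDirectory() as tmp:
        Path(tmp, "sample.properties").write_text(SAMPLE, encoding="utf-8")
        return find_unc_references(tmp, allowed_hosts=["fileserver01"])

if __name__ == "__main__":
    for name, lineno, host in demo():
        print(f"{name}:{lineno}: UNC path to unapproved host {host}")
```

Run it against the directory that actually holds the client's configuration files, with the allowlist set to the file servers the deployment is expected to reference.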

Exploit

Use of a Broken Cryptographic Algorithm

Session Fixation


Weakness Enumeration

Related Identifiers

BDU:2024-04266
CVE-2024-22318

Affected Products

IBM i Access Client Solutions
Windows