CVE-2025-3218

CVSS v3.1

5.4

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions IBM i versions 7.2 through 7.6

Description The issue concerns authentication and authorization attacks due to incorrect validation processing in IBM i Netserver. A malicious actor could exploit these weaknesses, in conjunction with brute force authentication attacks or to bypass authority restrictions, to access the server.

Recommendations For IBM i versions 7.2 through 7.6, consider restricting access to the Netserver until a patch is available. As a temporary workaround, limit the use of brute force authentication attacks and authority restrictions to minimize the risk of exploitation.

Fix

Improper Certificate Validation

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-295

Related Identifiers

CVE-2025-3218

Affected Products

Ibm I

CVE-2025-3218

Weakness Enumeration

Related Identifiers

Affected Products

References · 10