Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cnvdChina National Vulnerability DatabaseCNVD-2023-02482
HistoryDec 23, 2022 - 12:00 a.m.

IBM Navigator for I SQL Injection Vulnerability

2022-12-2300:00:00
China National Vulnerability Database
www.cnvd.org.cn
18
ibm
navigator for i
sql injection
versions 7.3 7.4 7.5
validation
attacker
file permissions
interface

EPSS

0.001

Percentile

20.0%

JSON

IBM Navigator for i is a console interface used in IBMi by International Business Machines (IBM) to perform and manage critical tasks in IBMi. IBM Navigator for i is vulnerable to SQL injection in versions 7.3, 7.4, and 7.5. The vulnerability stems from the application’s lack of validation of externally entered SQL statements. An authenticated attacker could use the vulnerability to view file permissions through the interface by performing UNION-based SQL injection.

Related

cvelist 1
prion 1
nvd 1
cve 1
ibm 1
cvelist
cvelist
CVE-2022-43859 IBM Navigator for i SQL injection
2022-12-22 20:41:40
prion
prion
Sql injection
2022-12-22 21:15:00
nvd
nvd
CVE-2022-43859
2022-12-22 21:15:11
cve
cve
CVE-2022-43859
2022-12-22 21:15:11
ibm
ibm
Security Bulletin: IBM Navigator for i is vulnerable to log file access, obtaining file attributes, and SQL Injection attacks due to multiple vulnerabilities.
2023-02-15 19:38:00

EPSS

0.001

Percentile

20.0%

JSON
Related for CNVD-2023-02482
cvelist1prion1nvd1cve1ibm1