IBM i Access for Windows is affected by vulnerability CVE-2018-1888. This vulnerability affects the Windows system running the IBM i Access for Windows product.
CVEID: CVE-2018-1888 DESCRIPTION: An untrusted search path vulnerability in IBM i Access for Windows versions 7.1 and earlier on Windows can allow arbitrary code execution via a Trojan horse DLL in the current working directory, related to use of the LoadLibrary function.
CVSS Base Score: 5.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152079> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)
Release 7.1 of IBM i Access for Windows is affected.
The issue can be fixed by obtaining and applying the Service Pack SI68573 or higher.
The Service Pack is available at:
<https://www-01.ibm.com/support/docview.wss?uid=isg3T1026807>
Release 7.1 – SI68573
_Important note: _IBM recommends that all users running unsupported versions of affected products upgrade to supported and fixed version of affected products.
None
CPE | Name | Operator | Version |
---|---|---|---|
ibm i access for windows | eq | 7.1 | |
ibm i | eq | any |