Security Bulletin: IBM i is vulnerable to a local privilege escalation due to flaws in Management Central (CVE-2023-40685, CVE-2023-40686).

Published: 2023-11-07 23:23:21
Source: www.ibm.com

Tags: ibm i, management central, cve-2023-40685, cve-2023-40686, local privilege escalation, ptfs

CVSS3 (Vulners): 7.8

- Attack Vector: LOCAL
- Attack Complexity: LOW
- Privileges Required: LOW
- User Interaction: NONE
- Scope: UNCHANGED
- Confidentiality Impact: HIGH
- Integrity Impact: HIGH
- Availability Impact: HIGH

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score: 7.2 (Confidence: High)

EPSS: 0 (Percentile: 5.1%)

Summary

IBM i is vulnerable to a local privilege escalation due to flaws in Management Central, as described in the Vulnerability Details section. The vulnerabilities exist even when Management Central is not being used for systems management tasks. IBM i has addressed the vulnerabilities with fixes as described in the Remediation/Fixes section.

Vulnerability Details

**CVEID:** CVE-2023-40686
**DESCRIPTION:** Management Central as part of IBM i Navigator contains a local privilege escalation vulnerability. A malicious actor with command line access to the operating system can exploit this vulnerability to elevate privileges to gain component access to the operating system.
CVSS Base score: 4.9
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/264114> for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)

**CVEID:** CVE-2023-40685
**DESCRIPTION:** Management Central as part of IBM i Navigator contains a local privilege escalation vulnerability. A malicious actor with command line access to the operating system can exploit this vulnerability to elevate privileges to gain root access to the operating system.
CVSS Base score: 7.4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/264116> for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)

Affected Products and Versions

Affected Product(s)| Version(s)
—|—
IBM i| 7.5
IBM i| 7.4
IBM i| 7.3
IBM i| 7.2

Remediation/Fixes

The issues can be fixed by applying PTFs to IBM i. IBM i releases 7.5, 7.4, 7.3, and 7.2 will be fixed.

The IBM i PTF numbers for 5770-SS1 Base and 5770-SS1 Option 3 contain the fixes for the vulnerabilities.

IBM i Release| 5770-SS1 Base| PTF Download Link
—|—|—
7.5| SI84794| <https://www.ibm.com/support/pages/ptf/SI84794>
7.4| SI84792| <https://www.ibm.com/support/pages/ptf/SI84792>
7.3| SI84791| <https://www.ibm.com/support/pages/ptf/SI84791>
7.2| SI84788| <https://www.ibm.com/support/pages/ptf/SI84788>

IBM i Release| 5770-SS1 Option 3| PTF Download Link
—|—|—
7.5| SI85339| <https://www.ibm.com/support/pages/ptf/SI85339>
7.4| SI84784| <https://www.ibm.com/support/pages/ptf/SI84784>
7.3| SI84783| <https://www.ibm.com/support/pages/ptf/SI84783>
7.2| SI84782| <https://www.ibm.com/support/pages/ptf/SI84782>

PTFs can also be obtained from IBM Fix Central: <https://www.ibm.com/support/fixcentral>

Important note: IBM recommends that all users running unsupported versions of affected products upgrade to a supported and fixed version of the affected products.
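Verifying that the fix is actually in place is the step the bulletin leaves to the administrator. The following query is an added example, not part of the IBM bulletin: it checks the PTF status of every fixing PTF listed above against the IBM i SQL service QSYS2.PTF_INFO. It assumes that service exposes the columns PTF_PRODUCT_ID, PTF_IDENTIFIER and PTF_LOADED_STATUS (check the Db2 for i documentation for your release); the PTF numbers are the ones from the two tables above.

```sql
-- Added example (not from the IBM bulletin): report the status of the
-- 5770-SS1 Base and Option 3 PTFs that fix CVE-2023-40685 / CVE-2023-40686.
-- Assumption: QSYS2.PTF_INFO exists with columns PTF_PRODUCT_ID,
-- PTF_IDENTIFIER and PTF_LOADED_STATUS (one row per loaded PTF).
WITH required (os_release, product_part, ptf_id) AS (
  VALUES ('7.5', 'Base',     'SI84794'),
         ('7.4', 'Base',     'SI84792'),
         ('7.3', 'Base',     'SI84791'),
         ('7.2', 'Base',     'SI84788'),
         ('7.5', 'Option 3', 'SI85339'),
         ('7.4', 'Option 3', 'SI84784'),
         ('7.3', 'Option 3', 'SI84783'),
         ('7.2', 'Option 3', 'SI84782')
)
SELECT r.os_release,
       r.product_part,
       r.ptf_id,
       -- A missing row means the PTF has never been loaded on this partition.
       COALESCE(p.PTF_LOADED_STATUS, 'NOT LOADED') AS ptf_status
  FROM required r
  LEFT JOIN QSYS2.PTF_INFO p
         ON p.PTF_PRODUCT_ID = '5770SS1'      -- product id without the hyphen
        AND p.PTF_IDENTIFIER = r.ptf_id
 -- Replace the placeholder with the release of the partition being checked.
 WHERE r.os_release = '<INSTALLED_RELEASE>'
 ORDER BY r.product_part, r.ptf_id;
```

Only the two rows for the partition's own release matter; both should show an applied status (temporarily or permanently). A status of SUPERSEDED is not a gap by itself, since a later PTF or cumulative package may carry the same fix, but it should be traced to the superseding PTF before the finding is closed. The same check can be made interactively with the CL command DSPPTF for product 5770SS1.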

Workarounds and Mitigations

None

Affected configurations

Vulners match: ibmi 7.5.0 OR ibmi 7.4.0 OR ibmi 7.3.0 OR ibmi 7.2.0
