Design/Logic Flaw

2022-12-2221:15:00

PRIOn knowledge base

www.prio-n.com

ibm navigator

design flaw

logic flaw

authenticated user

interface checks

log files

servlet filter

ibm x-force id

nvd

AI Score

4.4

Confidence

High

EPSS

0.001

Percentile

31.4%

JSON

IBM Navigator for i 7.3, 7.4 and 7.5 could allow an authenticated user to access IBM Navigator for i log files they are authorized to but not while using this interface. The remote authenticated user can bypass the interface checks and download log files by modifying servlet filter. IBM X-Force ID: 239301.