Security Bulletin: IBM i is vulnerable to a denial of service of network ports due to deserialization of untrusted data in Management Central [CVE-2024-31879].

Summary IBM i is vulnerable to a denial of service of network ports due to deserialization of untrusted data in Management Central as described in the vulnerability details section. This bulletin identifies the steps to take to address the vulnerability as described in the remediation/fixes...

Security Bulletin: IBM i is vulnerable to a local privilege escalation due to flaws in Management Central (CVE-2023-40685, CVE-2023-40686).

Summary IBM i is vulnerable to a local privilege escalation due to flaws in a Management Central as described in the vulnerability details section. The vulnerabilities exist even when Management Central is not being used for systems management tasks. IBM i has addressed the vulnerabilities with...

CVE-2023-40685

Management Central as part of IBM i 7.2, 7.3, 7.4, and 7.5 Navigator contains a local privilege escalation vulnerability. A malicious actor with command line access to the operating system can exploit this vulnerability to elevate privileges to gain root access to the operating system. IBM X-Forc...

CVE-2023-40685

Management Central as part of IBM i 7.2, 7.3, 7.4, and 7.5 Navigator contains a local privilege escalation vulnerability. A malicious actor with command line access to the operating system can exploit this vulnerability to elevate privileges to gain root access to the operating system. IBM X-Forc...

Privilege escalation

Management Central as part of IBM i 7.2, 7.3, 7.4, and 7.5 Navigator contains a local privilege escalation vulnerability. A malicious actor with command line access to the operating system can exploit this vulnerability to elevate privileges to gain root access to the operating system. IBM X-Forc...

CVE-2023-40686

Management Central as part of IBM i 7.2, 7.3, 7.4, and 7.5 Navigator contains a local privilege escalation vulnerability. A malicious actor with command line access to the operating system can exploit this vulnerability to elevate privileges to gain component access to the operating system. IBM...

CVE-2023-40685 IBM i privilege escalation

Management Central as part of IBM i 7.2, 7.3, 7.4, and 7.5 Navigator contains a local privilege escalation vulnerability. A malicious actor with command line access to the operating system can exploit this vulnerability to elevate privileges to gain root access to the operating system. IBM X-Forc...

CVE-2023-40685 IBM i privilege escalation

Management Central as part of IBM i 7.2, 7.3, 7.4, and 7.5 Navigator contains a local privilege escalation vulnerability. A malicious actor with command line access to the operating system can exploit this vulnerability to elevate privileges to gain root access to the operating system. IBM X-Forc...

CVE-2023-40685

CVE-2023-40685 relates to a local privilege escalation in IBM i 7.2–7.5 when using Management Central within IBM Navigator. The Root Cause is a privilege-management flaw in Management Central that allows a user with command-line access to elevate to root. Affected products/versions: IBM i 7.2, 7....

CVE-2023-40686 IBM i privilege escalation

Management Central as part of IBM i 7.2, 7.3, 7.4, and 7.5 Navigator contains a local privilege escalation vulnerability. A malicious actor with command line access to the operating system can exploit this vulnerability to elevate privileges to gain component access to the operating system. IBM...

CVE-2023-40686 IBM i privilege escalation

Management Central as part of IBM i 7.2, 7.3, 7.4, and 7.5 Navigator contains a local privilege escalation vulnerability. A malicious actor with command line access to the operating system can exploit this vulnerability to elevate privileges to gain component access to the operating system. IBM...

CVE-2023-40686

CVE-2023-40686 is a local privilege escalation in IBM i Navigator's Management Central. A malicious actor with OS command-line access can elevate privileges to gain component access to the operating system. Affected products are IBM i releases 7.2, 7.3, 7.4, and 7.5; the issue is associated with ...

IBM i Security Vulnerabilities

IBM i is a suite of operating systems from International Business Machines IBM that run on IBM Power Systems and IBM PureSystems. A security vulnerability exists in IBM i that stems from a local elevation of privilege vulnerability in Management Central. An attacker could exploit the vulnerabilit...

IBM i Security Vulnerabilities

IBM i is a suite of operating systems from International Business Machines IBM that run on IBM Power Systems and IBM PureSystems. A security vulnerability exists in IBM i that stems from a local elevation of privilege vulnerability in Management Central. An attacker could exploit the vulnerabilit...

PT-2023-6764 · Ibm · Ibm I

Name of the Vulnerable Software and Affected Versions: IBM i versions 7.2 through 7.5 Description: The issue is related to insecure privilege management in the Management Central component of the IBM i operating system. A malicious actor with command line access can exploit this to elevate...

PT-2023-6768 · Ibm · Ibm I

Name of the Vulnerable Software and Affected Versions: IBM i versions 7.2 through 7.5 Description: The issue is related to insecure privilege management in the Management Central component of the IBM i operating system. A malicious actor with command line access to the operating system can exploi...