6 matches found
CVE-2023-30990
IBM i 7.2, 7.3, 7.4, and 7.5 could allow a remote attacker to execute CL commands as QUSER, caused by an exploitation of DDM architecture. IBM X-Force ID: 254036...
PT-2025-2429 · Ibm · Ibm I
Name of the Vulnerable Software and Affected Versions: IBM i versions 7.2 through 7.5 Description: The issue is related to a file level local denial of service caused by an insufficient authority requirement. A local non-privileged user can configure a referential constraint with the privileges o...
CVE-2023-38721
The IBM i 7.2, 7.3, 7.4, and 7.5 product Facsimile Support for i contains a local privilege escalation vulnerability. A malicious actor could gain access to a command line with elevated privileges allowing root access to the host operating system. IBM X-Force ID: 262173...
CVE-2023-38721
The IBM i 7.2, 7.3, 7.4, and 7.5 product Facsimile Support for i contains a local privilege escalation vulnerability. A malicious actor could gain access to a command line with elevated privileges allowing root access to the host operating system. IBM X-Force ID: 262173...
Privilege escalation
IBM Performance Tools for i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain all object access to the host operating system. IBM X-Force ID: 254017...
IBM i Cross-Site Scripting Vulnerability (CNVD-2022-83587)
IBM i is a set of operating systems from IBM running in IBM Power Systems and IBM PureSystems. IBM i versions 7.2, 7.3, 7.4, and 7.5 have a cross-site scripting vulnerability that stems from the program's lack of data validation filtering of user-supplied data and output. An attacker could exploi...