I@7.6 Security Vulnerabilities and Issues — I@7.6 CVE List

Lucene search

IbmI7.6

8 matches found

CVE•added 2025/05/07 2:15 a.m.•58 views

CVE-2025-3218

IBM i 7.2, 7.3, 7.4, 7.5, and 7.6 is vulnerable to authentication and authorization attacks due to incorrect validation processing in IBM i Netserver. A malicious actor could use the weaknesses, in conjunction with brute force authentication attacks or to bypass authority restrictions, to access th...

5.4CVSS7AI score0.00046EPSS

CVE•added 2025/04/17 5:15 p.m.•52 views

CVE-2025-2947

IBM i 7.6 contains a privilege escalation vulnerability due to incorrect profile swapping in an OS command. A malicious actor can use the command to elevate privileges to gain root access to the host operating system.

9.8CVSS7.3AI score0.00078EPSS

CVE•added 2025/02/14 3:15 p.m.•46 views

CVE-2024-52895

IBM i 7.4 and 7.5 is vulnerable to a database access denial of service caused by a bypass of a database capabilities restriction check. A privileged bad actor can remove or otherwise impact database infrastructure files resulting in incorrect behavior of software products that rely upon the databas...

6.5CVSS6.4AI score0.00088EPSS

CVE•added 2025/04/18 3:15 p.m.•40 views

CVE-2025-2950

IBM i 7.3, 7.4, 7.5, and 7.5 is vulnerable to a host header injection attack caused by improper neutralization of HTTP header content by IBM Navigator for i. An authenticated user can manipulate the host header in HTTP requests to change domain/IP address which may lead to unexpected behavior.

5.4CVSS5.5AI score0.00047EPSS

CVE•added 2025/05/17 4:15 p.m.•31 views

CVE-2025-33103

IBM i 7.2, 7.3, 7.4, 7.5, and 7.6 product IBM TCP/IP Connectivity Utilities for i contains a privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain root access to the host operating system.

8.8CVSS8.9AI score0.00067EPSS

CVE•added 2025/07/24 3:15 p.m.•10 views

CVE-2025-33109

IBM i 7.2, 7.3, 7.4, 7.5, and 7.6 is vulnerable to a privilege escalation caused by an invalid database authority check. A bad actor could execute a database procedure or function without having all required permissions, in addition to causing denial of service for some database actions.

8.8CVSS6.6AI score0.00044EPSS

CVE•added 2025/06/17 6:15 p.m.•7 views

CVE-2025-33122

IBM i 7.2, 7.3, 7.4, 7.5, and 7.6 could allow a user to gain elevated privileges due to an unqualified library call in IBM Advanced Job Scheduler for i. A malicious actor could cause user-controlled code to run with administrator privilege.

7.5CVSS7.6AI score0.00067EPSS

CVE•added 2025/08/08 3:15 p.m.•5 views

CVE-2025-36119

IBM i 7.3, 7.4, 7.5, and 7.6 is affected by an authenticated user obtaining elevated privileges with IBM Digital Certificate Manager for i (DCM) due to a web session hijacking vulnerability. An authenticated user without administrator privileges could exploit this vulnerability to perform actions i...

8.8CVSS6.2AI score0.00027EPSS