CVE-2023-45185

IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 could allow an attacker to execute remote code.  Due to improper authority checks the attacker could perform operations on the PC under the user's authority.  IBM X-Force ID:  268273.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.4 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
ibmCNA
7.4 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 80%
VendorProductVersion
ibmi_access_client_solutions
1.1.2 ≤
𝑥
≤ 1.1.4
ibmi_access_client_solutions
1.1.4.3 ≤
𝑥
< 1.1.9.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/268273
https://www.ibm.com/support/pages/node/7091942
https://exchange.xforce.ibmcloud.com/vulnerabilities/268273
https://www.ibm.com/support/pages/node/7091942