CVE-2023-45185

EUVD-2023-49492
IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 could allow an attacker to execute remote code.  Due to improper authority checks the attacker could perform operations on the PC under the user's authority.  IBM X-Force ID:  268273.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.4 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
ibmCNA
7.4 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 80%
Affected Products (NVD)
VendorProductVersion
ibmi_access_client_solutions
1.1.2 ≤
𝑥
≤ 1.1.4
ibmi_access_client_solutions
1.1.4.3 ≤
𝑥
< 1.1.9.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/268273
https://www.ibm.com/support/pages/node/7091942
https://exchange.xforce.ibmcloud.com/vulnerabilities/268273
https://www.ibm.com/support/pages/node/7091942