IBM I Access Client Solutions 1.1.9.3

CPE Details

IBM I Access Client Solutions 1.1.9.3
ibm
i_access_client_solutions
1.1.9.3
2023-12-16
02h29 +00:00
2023-12-16
02h29 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:ibm:i_access_client_solutions:1.1.9.3:*:*:*:*:*:*:*

Informations

Vendor

ibm

Product

i_access_client_solutions

Version

1.1.9.3

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2024-22318 2024-02-09 00h26 +00:00 IBM i Access Client Solutions (ACS) 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.4 is vulnerable to NT LAN Manager (NTLM) hash disclosure by an attacker modifying UNC capable paths within ACS configuration files to point to a hostile server. If NTLM is enabled, the Windows operating system will try to authenticate using the current user's session. The hostile server could capture the NTLM hash information to obtain the user's credentials. IBM X-Force ID: 279091.
5.5
Medium
CVE-2023-45185 2023-12-14 14h04 +00:00 IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 could allow an attacker to execute remote code. Due to improper authority checks the attacker could perform operations on the PC under the user's authority. IBM X-Force ID: 268273.
8.8
High
CVE-2023-45182 2023-12-14 14h02 +00:00 IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 is vulnerable to having its key for an encrypted password decoded. By somehow gaining access to the encrypted password, a local attacker could exploit this vulnerability to obtain the password to other systems. IBM X-Force ID: 268265.
7.4
High
CVE-2023-45184 2023-12-14 01h42 +00:00 IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 could allow an attacker to obtain a decryption key due to improper authority checks. IBM X-Force ID: 268270.
7.5
High