CVE-2023-45182

Medium

IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 is vulnerable to having its key for an encrypted password…

ibm·CWE-922·Published 2023-12-14

CVSS

6.5

EPSS

0.01

KEV

Exploits

cve.orgen

315 chars

IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 is vulnerable to having its key for an encrypted password decoded. By somehow gaining access to the encrypted password, a local attacker could exploit this vulnerability to obtain the password to other systems. IBM X-Force ID: 268265.

NVDen

315 chars

NVDes

325 chars

IBM i Access Client Solutions 1.1.2 a 1.1.4 y 1.1.4.3 a 1.1.9.3 es vulnerable a que se decodifique su clave para una contraseña cifrada. Al obtener acceso de alguna manera a la contraseña cifrada, un atacante local podría aprovechar esta vulnerabilidad para obtener la contraseña de otros sistemas. ID de IBM X-Force: 268265.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	7.4	—	—	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
3.1	Primary	NVD	6.5	2.0	4.0	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N