cbcvebase.
CVE-2023-45182
published 2023-12-14

CVE-2023-45182: IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 is vulnerable to having its key for an encrypted password decoded. By somehow…

PriorityP429medium6.5CVSS 3.1
AVLACLPRLUINSCCHINAN
EPSS
0.63%
45.8th percentile
IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 is vulnerable to having its key for an encrypted password decoded. By somehow gaining access to the encrypted password, a local attacker could exploit this vulnerability to obtain the password to other systems. IBM X-Force ID: 268265.

Affected

3 ranges
VendorProductVersion rangeFixed in
ibmi_access_client_solutions1.1.2 – 1.1.4
ibmi_access_client_solutions>= 1.1.4.3 < 1.1.9.41.1.9.4
ibmi_access_client_solutions1.1.4.3 – 1.1.9.3
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.