Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2024-22318 — Use of a Broken or Risky Cryptographic Algorithm in IBM I Access Client Solutions

CWE-327 — Use of a Broken or Risky Cryptographic Algorithm CWE-384 — Session Fixation CWE-200 — Sensitive Information Exposure4 documents4 sources

Severity

5.5MEDIUMNVD

CNA5.1

EPSS

0.2%

top 62.30%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

IBM I Access Client Solutions

Timeline

PublishedFeb 9

Latest updateFeb 26

Description

IBM i Access Client Solutions (ACS) 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.4 is vulnerable to NT LAN Manager (NTLM) hash disclosure by an attacker modifying UNC capable paths within ACS configuration files to point to a hostile server. If NTLM is enabled, the Windows operating system will try to authenticate using the current user's session. The hostile server could capture the NTLM hash information to obtain the user's credentials. IBM X-Force ID: 279091.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

▶CVEListV5ibm/i_access_client_solutions1.1.2 — 1.1.4+1

▶NVDibm/i_access_client_solutions1.1.2 — 1.1.4+1

🔴Vulnerability Details

GHSA

GHSA-4c2f-665c-x845: IBM i Access Client Solutions (ACS) 1↗2024-02-09

▶

CVEList

IBM i Access Client Solutions information disclosure↗2024-02-09

▶

💥Exploits & PoCs

Exploit-DB

IBM i Access Client Solutions v1.1.2 - 1.1.4_ v1.1.4.3 - 1.1.9.4 - Remote Credential Theft↗2024-02-26

▶