CVE-2023-45182

CVSS 3.1 Score 7.4 of 10 (high)

Details

Published Dec 14, 2023
Updated: Dec 18, 2023
CWE ID 922

Summary

CVE-2023-45182 is a vulnerability affecting IBM i Access Client Solutions versions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3, allowing for the decoding of an encrypted password key. This vulnerability can be exploited by a local attacker who gains access to the encrypted password, potentially compromising the passwords of other systems. The base severity of this vulnerability is rated as HIGH, with a base score of 7.4 according to the Common Vulnerability Scoring System (CVSS) version 3.1. The privileges required for exploitation are low and there is no user interaction required, making it a network-based attack vector with low integrity and confidentiality impacts on the affected systems' availability. It is recommended that organizations using these affected versions of IBM i Access Client Solutions apply necessary patches or updates to remediate this vulnerability and prevent unauthorized access to sensitive information.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-45182 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options