CVE-2023-45182

Summary

IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 is vulnerable to having its key for an encrypted password decoded. By somehow gaining access to the encrypted password, a local attacker could exploit this vulnerability to obtain the password to other systems. IBM X-Force ID: 268265.

Affected Software

VendorProductVersion RangeStatus
IBMi Access Client Solutions1.1.2 <= 1.1.4affected
IBMi Access Client Solutions1.1.4.3 <= 1.1.9.3affected

Weaknesses

  • CWE-922: CWE-922 Insecure Storage of Sensitive Information

ADP Enrichment

CVE Program Container

Additional References

References