Vulnerabilities > IBM > I Access Client Solutions > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-02-09 CVE-2024-22318 Session Fixation vulnerability in IBM I Access Client Solutions
IBM i Access Client Solutions (ACS) 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.4 is vulnerable to NT LAN Manager (NTLM) hash disclosure by an attacker modifying UNC capable paths within ACS configuration files to point to a hostile server.
local
low complexity
ibm CWE-384
5.5
5.5
2023-12-14 CVE-2023-45182 Insecure Storage of Sensitive Information vulnerability in IBM I Access Client Solutions
IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 is vulnerable to having its key for an encrypted password decoded.
local
low complexity
ibm CWE-922
6.5
6.5
2022-11-21 CVE-2022-40746 Uncontrolled Search Path Element vulnerability in IBM I Access Client Solutions
IBM i Access Family 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.0 could allow a local authenticated attacker to execute arbitrary code on the system, caused by DLL search order hijacking vulnerability.
local
high complexity
ibm CWE-427
6.7
6.7