Vulnerabilities > IBM > I > 7.2

DATE CVE VULNERABILITY TITLE RISK
2023-10-15 CVE-2023-40378 Unspecified vulnerability in IBM I
IBM Directory Server for IBM i contains a local privilege escalation vulnerability.
local
low complexity
ibm
7.8
7.8
2023-09-28 CVE-2023-40375 Improper Privilege Management vulnerability in IBM I
Integrated application server for IBM i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability.
local
low complexity
ibm CWE-269
7.8
7.8
2023-08-14 CVE-2023-38721 Unspecified vulnerability in IBM I
The IBM i 7.2, 7.3, 7.4, and 7.5 product Facsimile Support for i contains a local privilege escalation vulnerability.
local
low complexity
ibm
7.8
7.8
2023-07-16 CVE-2023-30988 Unspecified vulnerability in IBM I
The IBM i 7.2, 7.3, 7.4, and 7.5 product Facsimile Support for i contains a local privilege escalation vulnerability.
local
low complexity
ibm
7.8
7.8
2023-07-16 CVE-2023-30989 Unspecified vulnerability in IBM I
IBM Performance Tools for i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability.
local
low complexity
ibm
7.8
7.8
2023-07-04 CVE-2023-30990 Code Injection vulnerability in IBM I
IBM i 7.2, 7.3, 7.4, and 7.5 could allow a remote attacker to execute CL commands as QUSER, caused by an exploitation of DDM architecture.
network
low complexity
ibm CWE-94
critical
 9.8
9.8
2023-05-04 CVE-2023-23470 SQL Injection vulnerability in IBM I
IBM i 7.2, 7.3, 7.4, and 7.5 could allow an authenticated privileged administrator to gain elevated privileges in non-default configurations, as a result of improper SQL processing.
local
high complexity
ibm CWE-89
6.4
6.4
2022-07-13 CVE-2022-34358 Cross-site Scripting vulnerability in IBM I
IBM i 7.2, 7.3, 7.4, and 7.5 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2022-05-09 CVE-2022-22481 Unspecified vulnerability in IBM I 7.2/7.3/7.4
IBM Navigator for i 7.2, 7.3, and 7.4 (heritage version) could allow a remote attacker to obtain access to the web interface without valid credentials.
network
low complexity
ibm
5.3
5.3
2022-01-13 CVE-2021-39056 Unspecified vulnerability in IBM I
The IBM i 7.1, 7.2, 7.3, and 7.4 Extended Dynamic Remote SQL server (EDRSQL) could allow a remote authenticated user to send a specially crafted request and cause a denial of service.
network
low complexity
ibm
6.5
6.5