IBM i 7.3, 7.4, and 7.5 is vulnerable to bypassing Navigator for i interface restrictions. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to remotely perform operations that the user is not allowed to perform when using Navigator for i.
A product requires authentication, but the product has an alternate path or channel that does not require authentication.
Name | Vendor | Start Version | End Version |
---|---|---|---|
I | Ibm | 7.3 (including) | 7.3 (including) |
I | Ibm | 7.4 (including) | 7.4 (including) |
I | Ibm | 7.5 (including) | 7.5 (including) |