IBM Navigator for i 7.3, 7.4, and 7.5 could allow an authenticated user to access the file system and download files they are authorized to but not while using this interface. The remote authenticated user can bypass the interface checks by modifying a parameter thereby gaining access to their files through this interface. IBM X-Force ID: 239303.
References
Link | Resource |
---|---|
https://exchange.xforce.ibmcloud.com/vulnerabilities/239303 | VDB Entry Vendor Advisory |
https://www.ibm.com/support/pages/node/6850801 | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: ibm
Published: 2022-12-22T20:34:13.863Z
Updated:
Reserved: 2022-10-26T15:46:22.823Z
Link: CVE-2022-43858
JSON object: View
NVD Information
Status : Modified
Published: 2022-12-22T21:15:11.357
Modified: 2023-11-07T03:54:05.623
Link: CVE-2022-43858
JSON object: View
Redhat Information
No data.
CWE