Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm i 7.2 vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2021-20501
IBM i 7.1, 7.2, 7.3, and 7.4 SMTP allows a network malicious user to send emails to non-existent local-domain recipients to the SMTP server, caused by using a non-default configuration. An attacker could exploit this vulnerability to consume unnecessary network bandwidth and disk...
Ibm I 7.2
Ibm I 7.1
Ibm I 7.3
Ibm I 7.4
5
CVSSv2
CVE-2022-22481
IBM Navigator for i 7.2, 7.3, and 7.4 (heritage version) could allow a remote malicious user to obtain access to the web interface without valid credentials. By modifying the sign on request, an attacker can gain visibility to the fully qualified domain name of the target system ...
Ibm I 7.2
Ibm I 7.3
Ibm I 7.4
5
CVSSv2
CVE-2017-1460
IBM i OSPF 6.1, 7.1, 7.2, and 7.3 is vulnerable when a rogue router spoofs its origin. Routing tables are affected by a missing LSA, which may lead to loss of connectivity. IBM X-Force ID: 128379.
Ibm I 7.2
Ibm I 6.1
Ibm I 7.1
Ibm I 7.3
4.3
CVSSv2
CVE-2021-38876
IBM i 7.2, 7.3, and 7.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 208404.
Ibm I 7.2
Ibm I 7.3
Ibm I 7.4
4.3
CVSSv2
CVE-2019-4450
IBM i 7.2, 7.3, and 7.4 for i is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 1...
Ibm I 7.2
Ibm I 7.3
Ibm I 7.4
4.3
CVSSv2
CVE-2019-4040
IBM I 7.2 and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 156164.
Ibm I 7.2
Ibm I 7.3
4
CVSSv2
CVE-2021-39056
The IBM i 7.1, 7.2, 7.3, and 7.4 Extended Dynamic Remote SQL server (EDRSQL) could allow a remote authenticated user to send a specially crafted request and cause a denial of service. IBM X-Force ID: 214537.
Ibm I 7.2
Ibm I 7.1
Ibm I 7.3
Ibm I 7.4
2.1
CVSSv2
CVE-2019-4381
IBM i 7.27.3 Clustering could allow a local malicious user to obtain sensitive information, caused by the use of advanced node failure detection using the REST API to interface with the HMC. An attacker could exploit this vulnerability to obtain HMC credentials. IBM X-Force ID: 1...
Ibm I 7.2
Ibm I 7.3
1.9
CVSSv2
CVE-2020-4345
IBM i 7.2, 7.3, and 7.4 users running complex SQL statements under a specific set of circumstances may allow a local user to obtain sensitive information that they should not have access to. IBM X-Force ID: 178318.
Ibm I 7.2
Ibm I 7.3
Ibm I 7.4
NA
CVE-2024-31870
IBM Db2 for i 7.2, 7.3, 7.4, and 7.5 supplies user defined table function is vulnerable to user enumeration by a local authenticated attacker, without having authority to the related *USRPRF objects. This can be used by a malicious actor to gather information about users that can...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
log injection
CVE-2024-37079
type confusion
CVE-2024-32943
CVE-2024-30103
CVE-2024-37350
arbitrary code
CVE-2024-6189
CVE-2024-6225
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »