IBM Navigator for i 7.3, 7.4 and 7.5 could allow an authenticated user to access IBM Navigator for i log files they are authorized to but not while using this interface. The remote authenticated user can bypass the interface checks and download log files by modifying servlet filter. IBM X-Force ID: 239301.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm i 7.3 |
||
ibm i 7.4 |
||
ibm i 7.5 |