Severity
Medium
Analysis Summary
CVE-2023-40685 CVSS:7.4
Management Central as part of IBM i 7.2, 7.3, 7.4, and 7.5 Navigator contains a local privilege escalation vulnerability. A malicious actor with command line access to the operating system can exploit this vulnerability to elevate privileges to gain root access to the operating system.
CVE-2023-40686 CVSS:4.9
Management Central as part of IBM i 7.2, 7.3, 7.4, and 7.5 Navigator contains a local privilege escalation vulnerability. A malicious actor with command line access to the operating system can exploit this vulnerability to elevate privileges to gain component access to the operating system.
Impact
- Privileges Escalation
Indicators Of Compromise
CVE
- CVE-2023-40685
- CVE-2023-40686
Affected Vendors
IBM
Affected Products
- IBM i 7.2
- IBM i 7.3
- IBM i 7.4
- IBM i 7.5
Remediation
Refer to IBM Security Advisory for patch, upgrade or suggested workaround information.