) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
Search Parameters:
- Keyword (text search): cpe:2.3:o:ibm:i:7.4:*:*:*:*:*:*:*
- CPE Name Search: true
There are 22 matching records.
Displaying matches 21 through 22.
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2019-4450 |
IBM i 7.2, 7.3, and 7.4 for i is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 163492. Published: November 08, 2019; 9:15:10 PM -0500 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2019-4536 |
IBM i 7.4 users who have done a Restore User Profile (RSTUSRPRF) on a system which has been configured with Db2 Mirror for i might have user profiles with elevated privileges caused by incorrect processing during a restore of multiple user profiles. A user with restore privileges could exploit this vulnerability to obtain elevated privileges on the restored system. IBM X-Force ID: 165592. Published: August 29, 2019; 11:15:11 AM -0400 |
V4.0:(not available) V3.1: 6.3 MEDIUM V2.0: 3.3 LOW |