CVE-2023-45185
Description
IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 could allow an attacker to execute remote code. Due to improper authority checks the attacker could perform operations on the PC under the user's authority. IBM X-Force ID: 268273.
NVD
Severity: HIGH
CVE ID: CVE-2023-45185
CVSS Score: 8.8
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
IBM Corporation
Severity: HIGH
CVE ID: CVE-2023-45185
CVSS Score: 7.4
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
Proof Of Concept
afine-com
IBM i Access Client Solutions < 1.1.9.4 - Remote code execution via insecure deserialisation
Refrence: GitHub