IBM Security vulnerabilities for IBMi Operating System: Announcement July 23

We wanted you to be aware of the following security bulletins that have been released from IBM as of 17th July 2023. The severity for all the below is considered to be HIGH! All issues have been addressed with PTF’s which are available for V7R2, V7R3, V7R4 & V7R5 of the IBMi Operating System, and the relevant PTF’s are shown on the link for each bulletin.

The first Security Bulletin: IBM Facsimile Support for i is vulnerable to local privilege escalation (CVE-2023-30988)

Product ID – 5798-FAX V5R8M0

Below is a link to the full details:

https://www.ibm.com/support/pages/node/7012355

The second Security Bulletin: IBM Performance Tools for i is vulnerable to local privilege escalation (CVE-2023-30989)

Product ID – 5770-PT1

Below is the link to the full details

https://www.ibm.com/support/pages/node/7012353

The Third Security Bulletin: IBMi is vulnerable to a remote attacker executing CL commands due to exploitation of DDM architecture as described in the vulnerability details section. IBM i has addressed the vulnerability in the DDM architecture as described in the remediation/fixes section.

Product id – 5770-SS1

https://www.ibm.com/support/pages/node/7008573

If you would like to discuss this further or if you would like Recarta to provide some remote assistance – please do not hesitate to contact us.

Enquire now

Give us a call or fill in the form below and we will contact you. We endeavor to answer all inquiries within 24 hours on business days.