IBM i 7.3, 7.4, 7.5, and 7.6 is affected by an authenticated user obtaining elevated privileges with IBM Digital Certificate Manager for i (DCM) due to a web session hijacking vulnerability. An authenticated user without administrator privileges could exploit this vulnerability to perform actions in DCM as an administrator.
2025-08-08T15:15:28.247
2025-08-15T18:15:27.227
Analyzed
CVSSv3.1: 7.1 (HIGH)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | ibm | i | 7.3 | Yes |
| Operating System | ibm | i | 7.4 | Yes |
| Operating System | ibm | i | 7.5 | Yes |
| Operating System | ibm | i | 7.6 | Yes |