CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-40746

IBM i Access Family 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.0 could allow a local authenticated attacker to execute arbitrary code on the system, caused by DLL search order hijacking vulnerability. By placing a specially crafted file in a compromised folder, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 236581.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 20.4%

CVSS Severity

CVSS v3 Score 7.2

References

Products affected by CVE-2022-40746

Ibm » I Access Client Solutions » Version: 1.1.2

cpe:2.3:a:ibm:i_access_client_solutions:1.1.2
Ibm » I Access Client Solutions » Version: 1.1.4

cpe:2.3:a:ibm:i_access_client_solutions:1.1.4
Ibm » I Access Client Solutions » Version: 1.1.4.3

cpe:2.3:a:ibm:i_access_client_solutions:1.1.4.3
Ibm » I Access Client Solutions » Version: 1.1.9.0

cpe:2.3:a:ibm:i_access_client_solutions:1.1.9.0
Microsoft » Windows » Version: N/A

cpe:2.3:o:microsoft:windows:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-40746

Products

Pricing

Contact Us