Authentication and Authorization Vulnerability in IBM i Netserver
CVE-2025-3218

5.4MEDIUM

Key Information:

Vendor: IBM
Status: I
Vendor: CVE Published:; 7 May 2025

Summary

IBM i Netserver is compromised by a vulnerability that stems from improper validation within the system, allowing malicious actors to exploit this flaw. Attackers may employ brute force techniques to gain unauthorized access to the server or circumvent authority restrictions set in place. This weakness imperils sensitive data and overall system integrity, highlighting the necessity for immediate remediation and robust security measures.

Affected Version(s)

i 7.2, 7.3, 7.4, 7.5, 7.6

References

https://www.ibm.com/support/pages/node/7232750

vendor-advisory

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 7, 2025