Remote Denial of Service Vulnerability in IBM i Products by IBM
CVE-2026-4942

5.9MEDIUM

Key Information:

Vendor

IBM

Status
Vendor
CVE Published:
17 July 2026

What is CVE-2026-4942?

A vulnerability exists in IBM i versions that potentially allows an attacker to exploit the Transport Layer Security (TLS) protocol. By sending specifically crafted messages to the server, an attacker could force the server to downgrade its TLS protocol to an earlier, less secure version which has been intentionally disabled in server configurations. This could expose sensitive data and systems to unauthorized access or other malicious activities, compromising the integrity and security of the affected systems.

Affected Version(s)

i 7.6

i 7.5

i 7.4

References

CVSS V3.1

Score:
5.9
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.