Lucene search
PRIOn knowledge basePRION:CVE-2024-22318HistoryFeb 09, 2024 - 1:15 a.m.
Design/Logic Flaw
2024-02-0901:15:00
PRIOn knowledge base
www.prio-n.com
7
ibm acs
ntlm hash
credential disclosure
unc paths
configuration files
windows operating system
x-force id
IBM i Access Client Solutions (ACS) 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.4 is vulnerable to NT LAN Manager (NTLM) hash disclosure by an attacker modifying UNC capable paths within ACS configuration files to point to a hostile server. If NTLM is enabled, the Windows operating system will try to authenticate using the current user’s session. The hostile server could capture the NTLM hash information to obtain the user’s credentials. IBM X-Force ID: 279091.
Related
packetstorm
packetstorm
IBM i Access Client Solutions Remote Credential Theft
2024-02-09 00:00:00
cve
cve
CVE-2024-22318
2024-02-09 01:15:09
zdt
zdt
IBM i Access Client Solutions Remote Credential Theft Vulnerability
2024-02-12 00:00:00
nvd
nvd
CVE-2024-22318
2024-02-09 01:15:09
cnvd
cnvd
IBM i Access Client Solutions Authorization Issues Vulnerability
2024-02-22 00:00:00
cvelist
cvelist
CVE-2024-22318 IBM i Access Client Solutions information disclosure
2024-02-09 00:26:52
ibm
ibm
exploitdb
exploitdb