Vulnerability-Lookup

WID-SEC-W-2026-1331

Vulnerability from csaf_certbund - Published: 2026-05-03 22:00 - Updated: 2026-05-03 22:00

Summary

IBM i: Schwachstelle ermöglicht Privilegieneskalation

Severity

Mittel

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: IBM i (früher bekannt als IBM iSeries oder IBM System i) ist ein Betriebssystem, das auf IBM Power Systems Servern läuft und für Geschäftsanwendungen entwickelt wurde.

Angriff: Ein entfernter, authentisierter Angreifer kann eine Schwachstelle in IBM i ausnutzen, um seine Privilegien zu erhöhen.

Betroffene Betriebssysteme: - Sonstiges

CVE-2026-2311

Affected products

Known affected 5 products

Product	Identifier	Version	Remediation
IBM i <7.3 SJ08604 IBM / i		<7.3 SJ08604
IBM i <7.2 SJ08818 IBM / i		<7.2 SJ08818
IBM i <7.5 SJ08418 IBM / i		<7.5 SJ08418
IBM i <7.4 SJ08419 IBM / i		<7.4 SJ08419
IBM i <7.6 SJ08417 IBM / i		<7.6 SJ08417

References

3 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://www.ibm.com/support/pages/node/7269560	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "IBM i (fr\u00fcher bekannt als IBM iSeries oder IBM System i) ist ein Betriebssystem, das auf IBM Power Systems Servern l\u00e4uft und f\u00fcr Gesch\u00e4ftsanwendungen entwickelt wurde.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, authentisierter Angreifer kann eine Schwachstelle in IBM i ausnutzen, um seine Privilegien zu erh\u00f6hen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2026-1331 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-1331.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2026-1331 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1331"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin vom 2026-05-03",
        "url": "https://www.ibm.com/support/pages/node/7269560"
      }
    ],
    "source_lang": "en-US",
    "title": "IBM i: Schwachstelle erm\u00f6glicht Privilegieneskalation",
    "tracking": {
      "current_release_date": "2026-05-03T22:00:00.000+00:00",
      "generator": {
        "date": "2026-05-04T10:16:17.692+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.5.0"
        }
      },
      "id": "WID-SEC-W-2026-1331",
      "initial_release_date": "2026-05-03T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2026-05-03T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c7.6 SJ08417",
                "product": {
                  "name": "IBM i \u003c7.6 SJ08417",
                  "product_id": "T053470"
                }
              },
              {
                "category": "product_version",
                "name": "7.6 SJ08417",
                "product": {
                  "name": "IBM i 7.6 SJ08417",
                  "product_id": "T053470-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:ibm:i:7.6_sj08417"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c7.5 SJ08418",
                "product": {
                  "name": "IBM i \u003c7.5 SJ08418",
                  "product_id": "T053471"
                }
              },
              {
                "category": "product_version",
                "name": "7.5 SJ08418",
                "product": {
                  "name": "IBM i 7.5 SJ08418",
                  "product_id": "T053471-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:ibm:i:7.5_sj08418"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c7.4 SJ08419",
                "product": {
                  "name": "IBM i \u003c7.4 SJ08419",
                  "product_id": "T053472"
                }
              },
              {
                "category": "product_version",
                "name": "7.4 SJ08419",
                "product": {
                  "name": "IBM i 7.4 SJ08419",
                  "product_id": "T053472-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:ibm:i:7.4_sj08419"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c7.3 SJ08604",
                "product": {
                  "name": "IBM i \u003c7.3 SJ08604",
                  "product_id": "T053473"
                }
              },
              {
                "category": "product_version",
                "name": "7.3 SJ08604",
                "product": {
                  "name": "IBM i 7.3 SJ08604",
                  "product_id": "T053473-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:ibm:i:7.3_sj08604"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c7.2 SJ08818",
                "product": {
                  "name": "IBM i \u003c7.2 SJ08818",
                  "product_id": "T053474"
                }
              },
              {
                "category": "product_version",
                "name": "7.2 SJ08818",
                "product": {
                  "name": "IBM i 7.2 SJ08818",
                  "product_id": "T053474-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:ibm:i:7.2_sj08818"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "i"
          }
        ],
        "category": "vendor",
        "name": "IBM"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-2311",
      "product_status": {
        "known_affected": [
          "T053473",
          "T053474",
          "T053471",
          "T053472",
          "T053470"
        ]
      },
      "release_date": "2026-05-03T22:00:00.000+00:00",
      "title": "CVE-2026-2311"
    }
  ]
}

CVE-2026-2311 (GCVE-0-2026-2311)

Vulnerability from cvelistv5 – Published: 2026-04-30 21:45 – Updated: 2026-05-02 03:55

Title

IBM i is affected by a privilege escalation vulnerability in Web Administration GUI []

Summary

IBM i 7.6, 7.5, 7.4, 7.3, and 7.2 s vulnerable to privilege escalation caused by an invalid IBM i Web Administration GUI authorization check. A malicious actor could cause user-controlled code to run with administrator privilege.

Severity

6.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H

SSVC

Exploitation: none Automatable: no Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-284 - Improper Access Control

Assigner

ibm

References

1 reference

URL	Tags
https://www.ibm.com/support/pages/node/7269560	vendor-advisorypatch

Impacted products

1 product

Vendor	Product	Version
IBM	i	Affected: 7.6.0 , ≤ 2.3.0 (semver) Affected: 7.5.0 Affected: 7.4.0 Affected: 7.3.0 Affected: 7.2.0 cpe:2.3:a:ibm:i:7.6.0:::::::* cpe:2.3:a:ibm:i:7.5.0:::::::* cpe:2.3:a:ibm:i:7.4.0:::::::* cpe:2.3:a:ibm:i:7.3.0:::::::* cpe:2.3:a:ibm:i:7.2.0:::::::*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-2311",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-01T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-02T03:55:31.329Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:ibm:i:7.6.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:ibm:i:7.5.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:ibm:i:7.4.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:ibm:i:7.3.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:ibm:i:7.2.0:*:*:*:*:*:*:*"
          ],
          "product": "i",
          "vendor": "IBM",
          "versions": [
            {
              "lessThanOrEqual": "2.3.0",
              "status": "affected",
              "version": "7.6.0",
              "versionType": "semver"
            },
            {
              "status": "affected",
              "version": "7.5.0"
            },
            {
              "status": "affected",
              "version": "7.4.0"
            },
            {
              "status": "affected",
              "version": "7.3.0"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eIBM i 7.6, 7.5, 7.4, 7.3, and 7.2 s vulnerable to privilege escalation caused by an invalid IBM i Web Administration GUI authorization check. \u0026nbsp;A malicious actor could cause user-controlled code to run with administrator privilege.\u003c/p\u003e"
            }
          ],
          "value": "IBM i 7.6, 7.5, 7.4, 7.3, and 7.2 s vulnerable to privilege escalation caused by an invalid IBM i Web Administration GUI authorization check. \u00a0A malicious actor could cause user-controlled code to run with administrator privilege."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-284",
              "description": "CWE-284 Improper Access Control",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-30T21:45:08.343Z",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://www.ibm.com/support/pages/node/7269560"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003e\u003cstrong\u003eIBM strongly recommends addressing the vulnerability now.\u003c/strong\u003e\u003c/p\u003e\u003cdiv\u003e\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003ctd\u003e\u003cstrong\u003eIBM i Release\u003c/strong\u003e\u003c/td\u003e\u003ctd\u003e\u003cstrong\u003e5770-DG1\u003cbr\u003ePTF Number(s)\u003c/strong\u003e\u003c/td\u003e\u003ctd\u003e\u003cstrong\u003ePTF Download Link(s)\u003c/strong\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e7.6\u003c/td\u003e\u003ctd\u003eSJ08417\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.ibm.com/mysupport/s/fix-information?legacy=SJ08417\" rel=\"noopener noreferrer nofollow\"\u003ehttps://www.ibm.com/mysupport/s/fix-information?legacy=SJ08417\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e7.5\u003c/td\u003e\u003ctd\u003eSJ08418\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.ibm.com/mysupport/s/fix-information?legacy=SJ08418\" rel=\"noopener noreferrer nofollow\"\u003ehttps://www.ibm.com/mysupport/s/fix-information?legacy=SJ08418\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e7.4\u003c/td\u003e\u003ctd\u003eSJ08419\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.ibm.com/mysupport/s/fix-information?legacy=SJ08419\" rel=\"noopener noreferrer nofollow\"\u003ehttps://www.ibm.com/mysupport/s/fix-information?legacy=SJ08419\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e7.3\u003c/td\u003e\u003ctd\u003eSJ08604\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.ibm.com/mysupport/s/fix-information?legacy=SJ08604\" rel=\"noopener noreferrer nofollow\"\u003ehttps://www.ibm.com/mysupport/s/fix-information?legacy=SJ08604\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e7.2\u003c/td\u003e\u003ctd\u003eSJ08818\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.ibm.com/mysupport/s/fix-information?legacy=SJ08818\" rel=\"noopener noreferrer nofollow\"\u003ehttps://www.ibm.com/mysupport/s/fix-information?legacy=SJ08818\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003c/div\u003e\u003cp\u003eIBM recommends users running unsupported versions of affected products upgrade to a supported and fixed version of affected products.\u003c/p\u003e"
            }
          ],
          "value": "IBM strongly recommends addressing the vulnerability now.\n\nIBM i Release5770-DG1\nPTF Number(s)PTF Download Link(s)7.6SJ08417 https://www.ibm.com/mysupport/s/fix-information?legacy=SJ08417 7.5SJ08418 https://www.ibm.com/mysupport/s/fix-information?legacy=SJ08418 7.4SJ08419 https://www.ibm.com/mysupport/s/fix-information?legacy=SJ08419 7.3SJ08604 https://www.ibm.com/mysupport/s/fix-information?legacy=SJ08604 7.2SJ08818 https://www.ibm.com/mysupport/s/fix-information?legacy=SJ08818 \n\n\n\nIBM recommends users running unsupported versions of affected products upgrade to a supported and fixed version of affected products."
        }
      ],
      "title": "IBM i is affected by a privilege escalation vulnerability in Web Administration GUI []",
      "x_generator": {
        "engine": "ibm-cvegen"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2026-2311",
    "datePublished": "2026-04-30T21:45:08.343Z",
    "dateReserved": "2026-02-10T21:39:52.444Z",
    "dateUpdated": "2026-05-02T03:55:31.329Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

WID-SEC-W-2026-1331

CVE-2026-2311 (GCVE-0-2026-2311)

Tags

Sightings

Nomenclature