CVE-2018-1888 MEDIUM

CVE-2018-1888

Vendor Ibm
Product i Access for Windows
Published January 4, 2019
Last update September 16, 2024

CVSS base score

5.3/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.0/A:L/AC:L/AV:L/C:L/I:L/PR:N/S:U/UI:R/E:U/RC:C/RL:O

What the vulnerability does

01Description

An untrusted search path vulnerability in IBM i Access for Windows versions 7.1 and earlier on Windows can allow arbitrary code execution via a Trojan horse DLL in the current working directory, related to use of the LoadLibrary function. IBM X-Force ID: 152079.

Key dates

02Disclosure timeline

January 4, 2019 CVE published
September 16, 2024 Record updated