CVE-2024-22318

Summary

CVE-2024-22318 is a vulnerability impacting IBM i Access Client Solutions (ACS) versions 1.1.2 through 1.1.9.4 and 1.1.4.3. An attacker can exploit this issue by manipulating UNC capable paths in ACS configuration files to redirect users to hostile servers. If NTLM authentication is enabled, the Windows operating system will attempt to authenticate using the current session, potentially disclosing NTLM hash information to the attacker. This could result in the attacker obtaining the user's credentials. IBM X-Force has assigned ID 279091 to this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.