Back to overview

CVE-2026-4942

MEDIUM
5.9
CVSS 3.1
Description
IBM i 7.6, 7.5, 7.4, and 7.3 could allow a remote attacker to send a specifically crafted message and downgrade the Transport Layer Security (TLS) protocol to a version disabled in the server configuration.

Metadata

CVE ID
CVE-2026-4942
State
PUBLISHED
Assigner
ibm
Reserved
2026-03-26 21:14 UTC
Published
2026-07-17 19:32 UTC
Last updated
2026-07-17 19:32 UTC
Primary CWE
CWE-757
CWE-757 Selection of Less-Secure Algorithm During Negotiatio…
Vendor / Product
IBM / i
Sources
cve.org  ·  NVD

Severity & Metrics

5.9 MEDIUM CVSS 3.1
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected products (1)
VendorProductPlatformVersions
IBM i 7.6, 7.5, 7.4, 7.3
Weakness (CWE)
CWESourceDescription
CWE-757 cna CWE-757 Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')
CVSS scores (1)
ScoreSeverityVersionSourceVector
5.9 MEDIUM 3.1 cna CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Back to overview