Digital Defense’s Vulnerability Research Team (VRT) has provided a scan check for CVE-2023-30990 - Unauthenticated RCE in IBM i DDM Service in Frontline.cloud.
Per an IBM security bulletin, IBM i is vulnerable to a remote attacker executing arbitrary unauthenticated CL commands as a QUSER, a workstation user role without special authorities, due to weak error handling in the DDM architecture.
IBM i DDM architecture allows retrieval of data files from remote systems or execution of CL commands when authorized from any other DDM architecture connected systems. Exploitation of this vulnerability can impact availability of several jobs and services running on the system.
The vulnerability impacts IBM i versions 7.2, 7.3, 7.4, and 7.5. A fix is available from IBM support here.
For IBM i users who are not current Frontline VM customers, we have a free scan available for this CVE.