IBM i 7.6, 7.5, 7.4, and 7.3 could allow a remote attacker to send a specifically crafted message and downgrade the Transport Layer Security (TLS) protocol to a version disabled in the server configuration.

Project Subscriptions

Vendors Products
Advisories

No advisories yet.

Fixes

Solution

IBM i Release5770-SS1 PTF Number(s)PTF Download Link(s)7.6MJ09141 https://www.ibm.com/mysupport/s/fix-information?legacy=MJ09141 7.5MJ09140 https://www.ibm.com/mysupport/s/fix-information?legacy=MJ09140 7.4MJ09139 https://www.ibm.com/mysupport/s/fix-information?legacy=MJ09139 7.3MJ09138 https://www.ibm.com/mysupport/s/fix-information?legacy=MJ09138 IBM recommends users running unsupported versions of affected products upgrade to a supported and fixed version of affected products.


Workaround

No workaround given by the vendor.

History

Fri, 17 Jul 2026 20:00:00 +0000

Type Values Removed Values Added
Description IBM i 7.6, 7.5, 7.4, and 7.3 could allow a remote attacker to send a specifically crafted message and downgrade the Transport Layer Security (TLS) protocol to a version disabled in the server configuration.
Title IBM i is Affected by Algorithm Downgrade in Transport Layer Security []
First Time appeared Ibm
Ibm i
Weaknesses CWE-757
CPEs cpe:2.3:a:ibm:i:7.3.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:i:7.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:i:7.4.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:i:7.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:i:7.5.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:i:7.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:i:7.6.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:i:7.6:*:*:*:*:*:*:*
Vendors & Products Ibm
Ibm i
References
Metrics cvssV3_1

{'score': 5.9, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N'}


Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: ibm

Published:

Updated: 2026-07-17T19:32:02.440Z

Reserved: 2026-03-26T21:14:44.344Z

Link: CVE-2026-4942

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses