CVE-2026-4942: CWE-757 Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')
IBM i 7.6, 7.5, 7.4, and 7.3 could allow a remote attacker to send a specifically crafted message and downgrade the Transport Layer Security (TLS) protocol to a version disabled in the server configuration.
AI Analysis
Technical Summary
CVE-2026-4942 describes a vulnerability in IBM i versions 7.3, 7.4, 7.5, and 7.6 where an attacker can remotely force the TLS protocol negotiation to downgrade to a disabled version by sending a crafted message. This constitutes an 'Algorithm Downgrade' weakness (CWE-757), potentially exposing communications to weaker cryptographic protections than intended by the server configuration. The vulnerability does not impact integrity or availability but has a high confidentiality impact. No official remediation or patch information is currently available.
Potential Impact
The vulnerability allows an attacker to downgrade the TLS protocol to a less secure version that the server has explicitly disabled, potentially exposing sensitive data transmitted over the connection. While integrity and availability are not affected, confidentiality is rated high, meaning sensitive information could be at risk if the downgraded protocol is compromised.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, administrators should review TLS configuration settings and monitor for unusual negotiation attempts. No official remediation or temporary fix has been provided by IBM at this time.
CVE-2026-4942: CWE-757 Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')
Description
IBM i 7.6, 7.5, 7.4, and 7.3 could allow a remote attacker to send a specifically crafted message and downgrade the Transport Layer Security (TLS) protocol to a version disabled in the server configuration.
CVSS v3.1
Score 5.9medium
Affected software
cpe:2.3:a:ibm:i:7.6:*:*:*:*:*:*:*cpe:2.3:a:ibm:i:7.6.0:*:*:*:*:*:*:*cpe:2.3:a:ibm:i:7.5:*:*:*:*:*:*:*cpe:2.3:a:ibm:i:7.5.0:*:*:*:*:*:*:*cpe:2.3:a:ibm:i:7.4:*:*:*:*:*:*:*cpe:2.3:a:ibm:i:7.4.0:*:*:*:*:*:*:*Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-4942 describes a vulnerability in IBM i versions 7.3, 7.4, 7.5, and 7.6 where an attacker can remotely force the TLS protocol negotiation to downgrade to a disabled version by sending a crafted message. This constitutes an 'Algorithm Downgrade' weakness (CWE-757), potentially exposing communications to weaker cryptographic protections than intended by the server configuration. The vulnerability does not impact integrity or availability but has a high confidentiality impact. No official remediation or patch information is currently available.
Potential Impact
The vulnerability allows an attacker to downgrade the TLS protocol to a less secure version that the server has explicitly disabled, potentially exposing sensitive data transmitted over the connection. While integrity and availability are not affected, confidentiality is rated high, meaning sensitive information could be at risk if the downgraded protocol is compromised.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, administrators should review TLS configuration settings and monitor for unusual negotiation attempts. No official remediation or temporary fix has been provided by IBM at this time.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- ibm
- Date Reserved
- 2026-03-26T21:14:44.344Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a5b5eae2d1edb114c7fb32c
Added to database: 07/18/2026, 11:08:30 UTC
Last enriched: 07/18/2026, 11:54:11 UTC
Last updated: 07/18/2026, 13:13:20 UTC
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.