IBM i Vulnerability Could Allow Elevated Privileges

CVE-2024-25050

8.4HIGH

Key Information

Vendor: IBM
Status: I; Rational Development Studio For I
Vendor: Published:; 28 April 2024

Summary

IBM i 7.2, 7.3, 7.4, 7.5 and IBM Rational Development Studio for i 7.2, 7.3, 7.4, 7.5 networking and compiler infrastructure could allow a local user to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run with administrator privileges. IBM X-Force ID: 283242.

Affected Version(s)

i = 7.2, 7.3, 7.4, 7.5

Rational Development Studio for i = 7.2, 7.3, 7.4, 7.5

CVSS V3.1

Score:

8.4

Severity:

HIGH

Confidentiality:

HIGH

Integrity:

HIGH

Availability:

HIGH

Attack Complexity:

LOW

Privileges Required:

NONE

User Interaction:

NONE

Scope:

UNCHANGED

Timeline

Vulnerability published.
Apr 28, 2024
Vulnerability Reserved.
Feb 3, 2024

Collectors

NVD DatabaseMitre Database