Local Command Execution Risk in IBM InfoSphere Information Server 11.7
CVE-2024-51459

8.4HIGH

Key Information:

Vendor: IBM
Status: Infosphere Information Server
Vendor: CVE Published:; 19 March 2025

Summary

IBM InfoSphere Information Server 11.7 contains a vulnerability that could allow local users to execute privileged commands unexpectedly. This flaw arises from improper handling of permissions, potentially leading to unauthorized access and actions within the affected system. Organizations using this version should review their security configurations and apply relevant patches to mitigate risks associated with this vulnerability.

Affected Version(s)

InfoSphere Information Server 11.7

References

https://www.ibm.com/support/pages/node/7185056

vendor-advisory

CVSS V3.1

Score:

8.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 19, 2025
Vulnerability Reserved
Oct 28, 2024