7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.9 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
IBM i is vulnerable to a local user with command line access gaining elevated privilege due to a flaw in IBM TCP/IP Connectivity Utilities for i as described in the vulnerability details section. This bulletin identifies the steps to take to address the vulnerability as described in the remediation/fixes section.
CVEID:CVE-2024-31890
**DESCRIPTION:**IBM i product IBM TCP/IP Connectivity Utilities for i contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain root access to the host operating system.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/288171 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
Affected Product(s) | Version(s) |
---|---|
IBM i | 7.5 |
IBM i | 7.4 |
IBM i | 7.3 |
The issue can be fixed by applying a PTF to IBM i. IBM i releases 7.5, 7.4, and 7.3 will be fixed.
The IBM i PTF numbers for 5770-TC1 contain the fix for the vulnerability.
IBM i Release |
5770-TC1
PTF Number
|
PTF Download Link
—|—|—
7.5| SJ00681| <https://www.ibm.com/mysupport/s/fix-information?legacy=SJ00681>
7.4| SJ00679| <https://www.ibm.com/mysupport/s/fix-information?legacy=SJ00679>
7.3| SJ00680| <https://www.ibm.com/mysupport/s/fix-information?legacy=SJ00680>
<https://www.ibm.com/support/fixcentral>
Important note: IBM recommends that all users running unsupported versions of affected products upgrade to supported and fixed version of affected products.
None
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.9 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%