4 matches found
CVE-2024-22346
Db2 for IBM i 7.2, 7.3, 7.4, and 7.5 infrastructure could allow a local user to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run with administrator privilege. IBM X-Force ID: 280203...
CVE-2024-22346 IBM i privilege escalation
Db2 for IBM i 7.2, 7.3, 7.4, and 7.5 infrastructure could allow a local user to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run with administrator privilege. IBM X-Force ID: 280203...
CVE-2024-22346
CVE-2024-22346 affects IBM i environments running Db2 for IBM i (versions 7.2–7.5). The underlying issue is an unqualified library call in Db2 for IBM i infrastructure that could allow a local user to gain elevated privileges, enabling user-controlled code to run with administrator privileges. Th...
Security Bulletin: IBM i is vulnerable to a privilege elevation due to an unqualified library call in Db2 for IBM i. [CVE-2024-22346]
Summary IBM i is vulnerable to a user gaining elevated privilege due to a CL command being called without library qualification, in Db2 for IBM i, as described in the vulnerability details section. This bulletin identifies the steps to take to address the vulnerability as described in the...