Lucene search
K

4 matches found

NVD
NVD
added 2024/03/14 7:15 p.m.20 views

CVE-2024-22346

Db2 for IBM i 7.2, 7.3, 7.4, and 7.5 infrastructure could allow a local user to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run with administrator privilege. IBM X-Force ID: 280203...

8.4CVSS8.3AI score0.00186EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/03/14 6:40 p.m.18 views

CVE-2024-22346 IBM i privilege escalation

Db2 for IBM i 7.2, 7.3, 7.4, and 7.5 infrastructure could allow a local user to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run with administrator privilege. IBM X-Force ID: 280203...

8.4CVSS6.7AI score0.00186EPSS
Exploits0References2
CVE
CVE
added 2024/03/14 6:40 p.m.92 views

CVE-2024-22346

CVE-2024-22346 affects IBM i environments running Db2 for IBM i (versions 7.2–7.5). The underlying issue is an unqualified library call in Db2 for IBM i infrastructure that could allow a local user to gain elevated privileges, enabling user-controlled code to run with administrator privileges. Th...

8.4CVSS8AI score0.00186EPSS
Exploits0References2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/03/13 8:14 p.m.34 views

Security Bulletin: IBM i is vulnerable to a privilege elevation due to an unqualified library call in Db2 for IBM i. [CVE-2024-22346]

Summary IBM i is vulnerable to a user gaining elevated privilege due to a CL command being called without library qualification, in Db2 for IBM i, as described in the vulnerability details section. This bulletin identifies the steps to take to address the vulnerability as described in the...

8.4CVSS8.1AI score0.00186EPSS
Exploits0Affected Software1
Rows per page
Query Builder