VYPR
Unrated severityNVD Advisory· Published Dec 18, 2024· Updated Dec 18, 2024

IBM i incorrect privilege assignment

CVE-2024-47104

Description

IBM i 7.4 and 7.5 is vulnerable to an authenticated user gaining elevated privilege to a physical file. A user with authority to a view can alter the based-on physical file security attributes without having object management rights to the physical file. A malicious actor can use the elevated privileges to perform actions restricted by their view privileges.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • IBM/Iv52 versions
    cpe:2.3:a:ibm:i:7.4:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:ibm:i:7.4:*:*:*:*:*:*:*range: 7.4, 7.5
    • (no CPE)range: 7.4, 7.5

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.