We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
Assigner | ibm |
Reserved | 2024-02-22 |
Published | 2024-06-15 |
Updated | 2024-08-30 |
IBM i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability caused by an insufficient authority requirement. A local user without administrator privilege can configure a physical file trigger to execute with the privileges of a user socially engineered to access the target file. The correction is to require administrator privilege to configure trigger support. IBM X-Force ID: 285203.
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
CWE-287 Improper Authentication
https://www.ibm.com/support/pages/node/7157637
https://exchange.xforce.ibmcloud.com/vulnerabilities/285203