CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-27275

IBM i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability caused by an insufficient authority requirement. A local user without administrator privilege can configure a physical file trigger to execute with the privileges of a user socially engineered to access the target file. The correction is to require administrator privilege to configure trigger support.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 9.3%

CVSS Severity

CVSS v3 Score 7.4

References

https://www.ibm.com/support/pages/node/7157637
https://exchange.xforce.ibmcloud.com/vulnerabilities/285203
https://www.ibm.com/support/pages/node/7157637

Products affected by CVE-2024-27275

Ibm » I » Version: 7.2

cpe:2.3:a:ibm:i:7.2
Ibm » I » Version: 7.3

cpe:2.3:a:ibm:i:7.3
Ibm » I » Version: 7.4

cpe:2.3:a:ibm:i:7.4
Ibm » I » Version: 7.5

cpe:2.3:a:ibm:i:7.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-27275

Products

Pricing

Contact Us