CVE-2024-51464

Medium

IBM i 7.3, 7.4, and 7.5 is vulnerable to bypassing Navigator for i interface restrictions. By sending a specially crafted request, an…

ibm·CWE-288·Published 2024-12-21

CVSS

4.3

EPSS

0.01

KEV

Exploits

cve.orgen

289 chars

IBM i 7.3, 7.4, and 7.5 is vulnerable to bypassing Navigator for i interface restrictions. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to remotely perform operations that the user is not allowed to perform when using Navigator for i.

NVDen

289 chars

NVDes

332 chars

IBM i 7.3, 7.4 y 7.5 es vulnerable a la omisión de las restricciones de la interfaz de Navigator for i. Al enviar una solicitud especialmente manipulada, un atacante autenticado podría aprovechar esta vulnerabilidad para realizar de forma remota operaciones que el usuario no tiene permitido realizar cuando utiliza Navigator for i.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	4.3	—	—	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
3.1	Secondary	NVD	4.3	2.8	1.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N