CVE-2024-51459Improper Handling of Insufficient Permissions or Privileges in IBM Infosphere Information Server

CWE-280Improper Handling of Insufficient Permissions or Privileges3 documents3 sources
Severity
7.8HIGHNVD
CNA8.4
EPSS
0.0%
top 96.86%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Infosphere Information Server
Timeline
PublishedMar 19

Description

IBM InfoSphere Information Server 11.7 could allow a local user to execute privileged commands due to the improper handling of permissions.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

NVDibm/infosphere_information_server11.711.7.1.136

🔴Vulnerability Details

2
CVEList
IBM InfoSphere Server Information command execution2025-03-19
GHSA
GHSA-h83j-jr29-xw3m: IBM InfoSphere Information Server 112025-03-19
CVE-2024-51459 — IBM vulnerability | cvebase