CVE-2024-52895

CWE-7543 documents3 sources

Severity

6.5MEDIUM

EPSS

0.0%

top 89.52%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM I

Timeline

PublishedFeb 14

Description

IBM i 7.4 and 7.5 is vulnerable to a database access denial of service caused by a bypass of a database capabilities restriction check. A privileged bad actor can remove or otherwise impact database infrastructure files resulting in incorrect behavior of software products that rely upon the database.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

▶CVEListV5ibm/i7.4, 7.5

▶NVDibm/i7.4, 7.5, 7.6+2

🔴Vulnerability Details

GHSA

GHSA-4g76-3h7v-gvxm: IBM i 7↗2025-02-14

▶

CVEList

IBM i denial of service↗2025-02-14

▶