CVE-2024-22346

HIGH

Db2 for IBM i <7.6 - Privilege Escalation

Title source: llm

Description

Db2 for IBM i 7.2, 7.3, 7.4, and 7.5 infrastructure could allow a local user to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run with administrator privilege. IBM X-Force ID: 280203.

References (2)

[VDB Entry, Vendor Advisory] https://exchange.xforce.ibmcloud.com/vulnerabilities/280203

[Patch, Vendor Advisory] https://www.ibm.com/support/pages/node/7140499

Scores

CVSS v3 8.4

EPSS 0.0004

EPSS Percentile 10.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-427

Status published

Affected Products (4)

ibm/i

Timeline

Published Mar 14, 2024

Tracked Since Feb 18, 2026