CVE-2024-31879

HIGH

IBM i <7.5 - Code Injection

Title source: llm

Description

IBM i 7.2, 7.3, and 7.4 could allow a remote attacker to execute arbitrary code leading to a denial of service of network ports on the system, caused by the deserialization of untrusted data. IBM X-Force ID: 287539.

References (2)

[Third Party Advisory] https://exchange.xforce.ibmcloud.com/vulnerabilities/287539

[Vendor Advisory] https://www.ibm.com/support/pages/node/7154380

Scores

CVSS v3 7.5

EPSS 0.0075

EPSS Percentile 73.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Classification

CWE

CWE-502

Status published

Affected Products (3)

ibm/i

Timeline

Published May 18, 2024

Tracked Since Feb 18, 2026