Vulnerabilities > CVE-2024-51464

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

LOW

Availability impact

NONE

network

low complexity

CWE-644

NVD

Published: 2024-12-21

Updated: 2024-12-21

Summary

IBM i 7.3, 7.4, and 7.5 is vulnerable to bypassing Navigator for i interface restrictions. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to remotely perform operations that the user is not allowed to perform when using Navigator for i.

Common Weakness Enumeration (CWE)

CWE-644 - Improper Neutralization of HTTP Headers for Scripting Syntax

References

https://www.ibm.com/support/pages/node/7179509

Vulnerabilities > CVE-2024-51464 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2024-51464"}]}

Summary

Common Weakness Enumeration (CWE)

References

Vulnerabilities > CVE-2024-51464