CVE-2024-22346

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Mar 14, 2024
Updated: Mar 19, 2024
CWE ID 264

Summary

CVE-2024-22346 is a newly disclosed vulnerability affecting IBM i DB2 versions 7.2, 7.3, 7.4, and 7.5. This issue grants local users the ability to elevate their privileges through unqualified library calls, potentially allowing malicious code execution with administrator privileges. IBM X-Force has assigned the ID 280203 to this vulnerability. This infrastructure flaw can pose a significant risk to IBM i DB2 users, requiring prompt attention and patching.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share