IBM i 7.4 and 7.5 is vulnerable to an authenticated user gaining elevated privilege to a physical file. A user with authority to a view can alter the based-on physical file security attributes without having object management rights to the physical file. A malicious actor can use the elevated privileges to perform actions restricted by their view privileges.
2024-12-18T11:15:05.763
2025-07-03T20:54:13.533
Analyzed
CVSSv3.1: 6.8 (MEDIUM)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | ibm | i | 7.4 | Yes |
| Application | ibm | i | 7.5 | Yes |
| Operating System | ibm | i | - | No |