IBM i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability caused by an insufficient authority requirement. A local user without administrator privilege can configure a physical file trigger to execute with the privileges of a user socially engineered to access the target file. The correction is to require administrator privilege to configure trigger support.
Metrics
Affected Vendors & Products
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Mon, 29 Sep 2025 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | IBM i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability caused by an insufficient authority requirement. A local user without administrator privilege can configure a physical file trigger to execute with the privileges of a user socially engineered to access the target file. The correction is to require administrator privilege to configure trigger support. IBM X-Force ID: 285203. | IBM i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability caused by an insufficient authority requirement. A local user without administrator privilege can configure a physical file trigger to execute with the privileges of a user socially engineered to access the target file. The correction is to require administrator privilege to configure trigger support. |
Weaknesses | CWE-266 | |
Metrics |
ssvc
|

Status: PUBLISHED
Assigner: ibm
Published:
Updated: 2025-09-29T15:04:45.978Z
Reserved: 2024-02-22T01:26:52.587Z
Link: CVE-2024-27275

Updated: 2024-08-02T00:27:59.967Z

Status : Modified
Published: 2024-06-15T14:15:09.443
Modified: 2025-09-29T15:16:06.107
Link: CVE-2024-27275

No data.

No data.