CVE-2024-51464

Name of the Vulnerable Software and Affected Versions IBM i versions 7.3, 7.4, and 7.5

Description The issue allows an authenticated attacker to bypass Navigator for i interface restrictions by sending a specially crafted request, enabling them to remotely perform operations that the user is not allowed to perform when using Navigator for i.

Recommendations For IBM i versions 7.3, 7.4, and 7.5, consider restricting access to the Navigator for i interface until a patch is available. As a temporary workaround, consider disabling the interface or limiting its functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.