PT-2024-5313 · Ibm · Ibm Rational Development Studio For I+1
Published
2024-04-27
·
Updated
2025-08-13
·
CVE-2024-25050
CVSS v3.1
8.4
High
| Vector | AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
IBM i versions 7.2 through 7.5
IBM Rational Development Studio for i versions 7.2 through 7.5
Description
The issue is related to an unqualified library call in the networking and compiler infrastructure of IBM i and IBM Rational Development Studio for i, which could allow a local user to gain elevated privileges. A malicious actor could cause user-controlled code to run with administrator privileges due to insufficient protection of registration data.
Recommendations
For IBM i versions 7.2 through 7.5, update to a version that includes the fix for this issue.
For IBM Rational Development Studio for i versions 7.2 through 7.5, update to a version that includes the fix for this issue.
As a temporary workaround, consider restricting access to the affected infrastructure to minimize the risk of exploitation.
Fix
Uncontrolled Search Path Element
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Rational Development Studio For I
Ibm I