CVE-2024-35122

Name of the Vulnerable Software and Affected Versions: IBM i versions 7.2 through 7.5

Description: The issue is related to a file level local denial of service caused by an insufficient authority requirement. A local non-privileged user can configure a referential constraint with the privileges of a user who has been socially engineered to access the target file.

Recommendations: For IBM i versions 7.2 through 7.5, consider restricting access to configuring referential constraints to prevent exploitation by local non-privileged users. At the moment, there is no information about a newer version that contains a fix for this vulnerability.