CVE-2024-31879

IBM i 7.2, 7.3, and 7.4 could allow a remote attacker to execute arbitrary code leading to a denial of service of network ports on the system, caused by the deserialization of untrusted data. IBM X-Force ID: 287539.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/287539	Third Party Advisory
https://www.ibm.com/support/pages/node/7154380	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/287539	Third Party Advisory
https://www.ibm.com/support/pages/node/7154380	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:a:ibm:i:7.2:::::::*
	cpe:2.3:a:ibm:i:7.3:::::::*
	cpe:2.3:a:ibm:i:7.4:::::::*

cpe:2.3:o:ibm:i:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2024-05-18 16:15

Updated : 2025-07-03 20:54

NVD link : CVE-2024-31879

Mitre link : CVE-2024-31879

CVE.ORG link : CVE-2024-31879

JSON object : View

Products Affected

ibm

i

CWE

CWE-502

Deserialization of Untrusted Data

{"id": "CVE-2024-31879", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2024-05-18T16:15:47.253", "references": [{"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/287539", "tags": ["Third Party Advisory"], "source": "[email protected]"}, {"url": "https://www.ibm.com/support/pages/node/7154380", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/287539", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.ibm.com/support/pages/node/7154380", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-502"}]}], "descriptions": [{"lang": "en", "value": "IBM i 7.2, 7.3, and 7.4 could allow a remote attacker to execute arbitrary code leading to a denial of service of network ports on the system, caused by the deserialization of untrusted data. IBM X-Force ID: 287539."}, {"lang": "es", "value": " IBM i 7.2, 7.3 y 7.4 podr\u00edan permitir a un atacante remoto ejecutar c\u00f3digo arbitrario provocando una denegaci\u00f3n de servicio de puertos de red en el sistema, provocada por la deserializaci\u00f3n de datos que no son de confianza. ID de IBM X-Force: 287539."}], "lastModified": "2025-07-03T20:54:15.167", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:i:7.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5E41BD05-37B8-4494-9344-506D4BCF43C2"}, {"criteria": "cpe:2.3:a:ibm:i:7.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD4F4919-D935-4B81-B4E8-0E0F2DAC09B1"}, {"criteria": "cpe:2.3:a:ibm:i:7.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AE2B298C-E1F6-43BD-A5EF-83964C6669CE"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:ibm:i:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C684FC45-C9BA-4EF0-BD06-BB289450DD21"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "[email protected]"}