Severity
Medium
Analysis Summary
CVE-2024-27260 CVSS:8.4
IBM AIX could 7.2, 7.3, VIOS 3.1, and VIOS 4.1 allow a non-privileged local user to exploit a vulnerability in the invscout command to execute arbitrary commands.
CVE-2023-47717 CVSS:4.4
IBM Security Guardium 12.0 could allow a privileged user to perform unauthorized actions that could lead to a denial of service.
CVE-2024-31879 CVSS:7.5
IBM i 7.2, 7.3, and 7.4 could allow a remote attacker to execute arbitrary code leading to a denial of service of network ports on the system, caused by the deserialization of untrusted data.
Impact
- Denial of Service
- Gain Access
Indicators of Compromise
CVE
- CVE-2024-27260
- CVE-2023-47717
- CVE-2024-31879
Affected Vendors
IBM
Affected Products
- IBM i 7.2
- IBM i 7.3
- IBM i 7.4
- IBM AIX 7.2
- IBM VIOS 3.1
- IBM AIX 7.3
- IBM VIOS 4.1
- IBM Security Guardium 12.0
Remediation
Refer to IBM Security Advisory for patch, upgrade or suggested workaround information.