Skip to main content

I2 Ibase

3 CVEs product

Monthly

CVE-2021-29868 MEDIUM PATCH This Month

IBM i2 iBase 8.9.13 and 9.0.0 could allow a local attacker to obtain sensitive information due to insufficient session expiration. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

IBM Information Disclosure I2 Ibase
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2020-4588 HIGH PATCH This Week

IBM i2 iBase 8.9.13 could allow an attacker to upload arbitrary executable files which, when executed by an unsuspecting victim could result in code execution. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Unrestricted File Upload vulnerability could allow attackers to upload malicious files that can be executed on the server.

File Upload RCE IBM I2 Ibase
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2020-4584 HIGH PATCH This Week

IBM i2 iBase 8.9.13 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

IBM Information Disclosure I2 Ibase
NVD
CVSS 3.1
7.5
EPSS
1.0%
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

IBM i2 iBase 8.9.13 and 9.0.0 could allow a local attacker to obtain sensitive information due to insufficient session expiration. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

IBM Information Disclosure I2 Ibase
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

IBM i2 iBase 8.9.13 could allow an attacker to upload arbitrary executable files which, when executed by an unsuspecting victim could result in code execution. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Unrestricted File Upload vulnerability could allow attackers to upload malicious files that can be executed on the server.

File Upload RCE IBM +1
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

IBM i2 iBase 8.9.13 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

IBM Information Disclosure I2 Ibase
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy