Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM28D35A90DBB873885C5A31F6310708C23C3F20337F112BBCC493C6239238297D
HistoryNov 02, 2020 - 7:56 p.m.

Security Bulletin: IBM i2 Analyst's Notebook Vulnerable to Memory Corruption Vulnerabilities

2020-11-0219:56:38
www.ibm.com
14

0.001 Low

EPSS

Percentile

29.3%

JSON

Summary

IBM i2 Analyst’s Notebook and Analyst’s Notebook Premium addressed several memory corruption vulnerabilities.

Vulnerability Details

CVEID:CVE-2020-4724
**DESCRIPTION:**IBM i2 Analyst’s Notebook could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/187874 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

CVEID:CVE-2020-4722
**DESCRIPTION:**IBM i2 Analyst’s Notebook could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/187870 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

CVEID:CVE-2020-4723
**DESCRIPTION:**IBM i2 Analyst’s Notebook could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/187873 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

CVEID:CVE-2020-4721
**DESCRIPTION:**IBM i2 Analyst’s Notebook could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/187868 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

Affected Products and Versions

Affected Product(s) Version(s)
IBM i2 Analyst’s Notebook IBM i2 Analyst’s Notebook 9.2.0
IBM i2 Analyst’s Notebook IBM i2 Analyst’s Notebook 9.2.1

Remediation/Fixes

Please download updates from IBM Fix Central using the links below

Analyst’s Notebook
https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=i2&product=ibm/Other+software/i2+Analysts+Notebook&release=9.2.2.0&platform=Windows&function=all

Analyst’s Notebook Premium
https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=i2&product=ibm/Other+software/i2+Analysts+Notebook+Premium&release=9.2.2.0&platform=Windows&function=all

Workarounds and Mitigations

None

Related

nvd 4
cve 4
cvelist 4
prion 4
nvd
nvd
CVE-2020-4723
2020-10-29 16:15:15
CVE-2020-4724
2020-10-29 16:15:15
CVE-2020-4722
2020-10-29 16:15:15
cve
cve
CVE-2020-4723
2020-10-29 16:15:15
CVE-2020-4724
2020-10-29 16:15:15
CVE-2020-4721
2020-10-29 16:15:14
cvelist
cvelist
CVE-2020-4723
2020-10-28 00:00:00
CVE-2020-4722
2020-10-28 00:00:00
CVE-2020-4724
2020-10-28 00:00:00
prion
prion
Memory corruption
2020-10-29 16:15:00
Memory corruption
2020-10-29 16:15:00
Memory corruption
2020-10-29 16:15:00

0.001 Low

EPSS

Percentile

29.3%

JSON
Related for 28D35A90DBB873885C5A31F6310708C23C3F20337F112BBCC493C6239238297D
nvd4cve4cvelist4prion4