Lucene search
IBM5C48BDC4D0E6807A91C66C362A1FEBD8F3CA3D5B5B865D286616DA05BDC20C8DHistoryDec 21, 2021 - 6:59 p.m.
Security Bulletin: i2 Analysts' Notebook memory corruption vulnerability
2021-12-2118:59:13
www.ibm.com
20
vulnerability
memory corruption
ibm i2 analyst's notebook
cve-2021-39050
stack-based buffer overflow
bounds checking
EPSS
0
Percentile
5.1%
Summary
i2 Analysts’ Notebook is potentially vulnerable to a memory corruption vulnerability
Vulnerability Details
CVEID:CVE-2021-39050
**DESCRIPTION:**IBM i2 Analyst’s Notebook 9.2.0, 9.2.1, and 9.2.2 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and gain lower level privileges. IBM X-Force ID: 214440.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/214440 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM i2 Analyst’s Notebook | IBM i2 Analyst’s Notebook 9.2.0 |
| IBM i2 Analyst’s Notebook | All |
| IBM i2 Analyst’s Notebook | IBM i2 Analyst’s Notebook 9.2.1 |
| IBM i2 Analyst’s Notebook | IBM i2 Analyst’s Notebook 9.2.2 |
Remediation/Fixes
Please visit your customer portal and install the 9.3.1 continuous delivery update
Workarounds and Mitigations
None
Related
nvd
nvd
CVE-2021-39050
2021-12-13 19:15:08
cnvd
cnvd
IBM i Buffer Overflow Vulnerability
2021-12-16 00:00:00
prion
prion
Stack overflow
2021-12-13 19:15:00
cvelist
cvelist
CVE-2021-39050
2021-12-10 00:00:00
cve
cve
CVE-2021-39050
2021-12-13 19:15:08