CVE-2021-29868

IBM i2 iBase versions 8.9.13 and 9.0.0 have an information disclosure vulnerability caused by insufficient session expiration. A local attacker could obtain sensitive information due to session handling, as described in IBM’s security bulletin and CNVD/NVD entries. Remediation: upgrade to IBM i2 ...

CVE-2020-4623

IBM i2 iBase 8.9.13 could allow a local authenticated attacker to execute arbitrary code on the system, caused by a DLL search order hijacking flaw. By using a specially-crafted .DLL file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 184984...

CVE-2020-4623

IBM i2 iBase 8.9.13 could allow a local authenticated attacker to execute arbitrary code on the system, caused by a DLL search order hijacking flaw. By using a specially-crafted .DLL file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 184984...

CVE-2020-4623

IBM i2 iBase 8.9.13 is affected by CVE-2020-4623 due to a DLL search order hijacking flaw that could allow a local authenticated attacker to execute arbitrary code. The issue is described across multiple sources (NVD entry and IBM Security Bulletin), identifying the affected product as IBM i2 iBa...

IBM i2 iBase Information Disclosure Vulnerability

IBM i2 iBase is an intuitive intelligence data management application that enables collaborative teams of analysts to capture, control and analyze data from multiple sources in a highly secure workgroup environment. An information disclosure vulnerability exists in IBM i2 iBase version 8.9.13. A...

IBM i2 iBase Code Issues Vulnerabilities

IBM i2 iBase is an intuitive intelligence data management application that enables collaborative teams of analysts to capture, control and analyze data from multiple sources in a highly secure workgroup environment. A code issue vulnerability exists in IBM i2 iBase version 8.9.13, which arises fr...

Information disclosure

IBM i2 iBase 8.9.13 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 184574...

CVE-2020-4588

IBM i2 iBase 8.9.13 is vulnerable to unrestricted file upload, allowing uploaded executables to be run, potentially causing code execution on a victim. IBM’s Security Bulletin confirms the fix in iBase 9 and advises upgrading to a version that includes the fix. Affected product/version: IBM i2 iB...

CVE-2020-4584

The CVE-2020-4584 issue affects IBM i2 iBase 8.9.13. A remote attacker could obtain sensitive information via a detailed technical error message returned in the browser, enabling information disclosure that could be used for further attacks. The underlying cause is that detailed error messages ar...

PT-2020-18150 · Ibm · Ibm I2 Ibase

Name of the Vulnerable Software and Affected Versions: IBM i2 iBase version 8.9.13 Description: The issue allows an attacker to upload arbitrary executable files. When these files are executed by an unsuspecting victim, it could result in code execution. Recommendations: For IBM i2 iBase version...