1255 matches found
IBM i2 Analyst's Notebook Premium Information Disclosure Vulnerability
IBM i2 Analyst's Notebook Premium is an intuitive analysis environment that combines data storage, analysis tools, visualization and dissemination capabilities. i2 Analyst's Notebook Premium contains a security vulnerability that could be exploited by remote attackers to obtain sensitive...
IBM i2 Analyst's Notebook Premium Information Disclosure Vulnerability (CNVD-2021-55190)
IBM i2 Analyst's Notebook Premium is a premium version of IBM i2 Analyst's Notebook from IBM of America. IBM i2 Analyst's Notebook Premium is vulnerable to an information disclosure vulnerability that could be exploited by an attacker to obtain cookie values by listening to traffic...
IBM i2 Analyst's Notebook Premium Information Disclosure Vulnerability (CNVD-2021-55189)
IBM i2 Analyst's Notebook Premium is a premium version of IBM i2 Analyst's Notebook from IBM USA. IBM i2 Analyst's Notebook Premium has an information disclosure vulnerability that could be exploited by an attacker to obtain sensitive information...
IBM i2 Analyst's Notebook Premium Information Disclosure Vulnerability
IBM i2 Analyst's Notebook Premium is a premium version of IBM i2 Analyst's Notebook from IBM USA. IBM i2 Analyst's Notebook Premium has an information disclosure vulnerability that could be exploited by an attacker to obtain sensitive information from the system...
CVE-2021-29766
IBM i2 Analyst's Notebook Premium IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 202680...
CVE-2021-29767
IBM i2 Analyst's Notebook Premium 9.2.0, 9.2.1, and 9.2.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 202681...
CVE-2021-20430
IBM i2 Analyst's Notebook Premium IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 196341...
CVE-2021-29769
IBM i2 Analyst's Notebook Premium IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie...
CVE-2021-29770
IBM i2 Analyst's Notebook Premium IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2 could allow an authenticated user to perform unauthorized actions due to hazardous input validation. IBM X-Force ID: 202771...
CVE-2021-29766
IBM i2 Analyst's Notebook Premium IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 202680...
CVE-2021-29767
IBM i2 Analyst's Notebook Premium 9.2.0, 9.2.1, and 9.2.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 202681...
CVE-2021-20431
IBM i2 Analyst's Notebook Premium 9.2.0, 9.2.1, and 9.2.2 does not invalidate session after logout which could allow an an attacker to obtain sensitive information from the system. IBM X-Force ID: 196342...
CVE-2021-29769
IBM i2 Analyst's Notebook Premium IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie...
CVE-2021-20430
IBM i2 Analyst's Notebook Premium IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 196341...
CVE-2021-20431
IBM i2 Analyst's Notebook Premium 9.2.0, 9.2.1, and 9.2.2 does not invalidate session after logout which could allow an an attacker to obtain sensitive information from the system. IBM X-Force ID: 196342...
Authorization
IBM i2 Analyst's Notebook Premium IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie...
Information disclosure
IBM i2 Analyst's Notebook Premium IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 202680...
Information disclosure
IBM i2 Analyst's Notebook Premium IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 196341...
Information disclosure
IBM i2 Analyst's Notebook Premium 9.2.0, 9.2.1, and 9.2.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 202681...
Design/Logic Flaw
IBM i2 Analyst's Notebook Premium 9.2.0, 9.2.1, and 9.2.2 does not invalidate session after logout which could allow an an attacker to obtain sensitive information from the system. IBM X-Force ID: 196342...