5 matches found
CVE-2021-20430
CVE-2021-20430 affects IBM i2 Analyst’s Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, 4.3.2). A remote attacker could obtain sensitive information when a detailed technical error message is returned in the browser, enabling information disclosure. Affected products and versions are IBM i2 Analyz...
CVE-2021-29770
CVE-2021-29770 affects IBM i2 Analyze and Analyst’s Notebook Premium. The issue arises from hazardous input validation in certain data fields that can allow an authenticated user to perform unauthorized actions. Affected products/versions include IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2. The IBM ad...
CVE-2021-29766
CVE-2021-29766 affects IBM i2 Analyze (Analyst’s Notebook Premium) versions 4.3.0, 4.3.1, and 4.3.2. The vulnerability is an information-disclosure flaw where detailed browser error messages may reveal sensitive data to remote attackers, potentially aiding further attacks. Documented CVSS: 3.x ve...
CVE-2021-29769
The CVE-2021-29769 issue affects IBM i2 Analyze Premium (IBM i2 Analyze 4.3.0, 4.3.1, 4.3.2). Root cause: authorization tokens and session cookies lack the Secure attribute, enabling cookie values to be leaked if a user visits an HTTP link or a compromised site. Impact: information disclosure via...
CVE-2021-29784
IBM i2 Analyze (versions 4.3.0, 4.3.1, 4.3.2) is affected by an information-disclosure vulnerability where a detailed error message rendered in the browser can leak sensitive data. Root cause is information disclosure via verbose browser error dialogs. Impact is information exposure; no exploit d...