Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-4588 | 2 Ibm, Microsoft | 2 I2 Ibase, Windows | 2022-09-30 | 6.8 MEDIUM | 7.8 HIGH |
IBM i2 iBase 8.9.13 could allow an attacker to upload arbitrary executable files which, when executed by an unsuspecting victim could result in code execution. IBM X-Force ID: 184579. | |||||
CVE-2020-4584 | 1 Ibm | 1 I2 Ibase | 2022-06-29 | 5.0 MEDIUM | 7.5 HIGH |
IBM i2 iBase 8.9.13 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 184574. | |||||
CVE-2021-29868 | 1 Ibm | 1 I2 Ibase | 2021-11-02 | 2.1 LOW | 5.5 MEDIUM |
IBM i2 iBase 8.9.13 and 9.0.0 could allow a local attacker to obtain sensitive information due to insufficient session expiration. IBM X-Force ID: 206213. | |||||
CVE-2020-4623 | 2 Ibm, Microsoft | 2 I2 Ibase, Windows | 2021-08-04 | 4.4 MEDIUM | 6.5 MEDIUM |
IBM i2 iBase 8.9.13 could allow a local authenticated attacker to execute arbitrary code on the system, caused by a DLL search order hijacking flaw. By using a specially-crafted .DLL file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 184984. |