Remote Code Execution Vulnerability in IBM i2 Intelligent Analysis Platform 9.2.1
CVE-2020-4468

7.8HIGH

Key Information:

Vendor
IBM
Vendor
CVE Published:
14 May 2020

Summary

IBM i2 Intelligent Analysis Platform 9.2.1 is susceptible to a remote code execution vulnerability due to memory corruption. An attacker can exploit this flaw by enticing a user to open a maliciously crafted document. This exploitation can result in executing arbitrary code with the victim's privileges or even crashing the application, compromising system integrity and user data. For more details, visit IBM's support page and X-Force vulnerability database entries associated with this issue.

Affected Version(s)

i2 Analysts Notebook 9.2.1

References

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.