Remote Code Execution Vulnerability in IBM i2 Intelligent Analysis Platform 9.2.1
CVE-2020-4468
7.8HIGH
Summary
IBM i2 Intelligent Analysis Platform 9.2.1 is susceptible to a remote code execution vulnerability due to memory corruption. An attacker can exploit this flaw by enticing a user to open a maliciously crafted document. This exploitation can result in executing arbitrary code with the victim's privileges or even crashing the application, compromising system integrity and user data. For more details, visit IBM's support page and X-Force vulnerability database entries associated with this issue.
Affected Version(s)
i2 Analysts Notebook 9.2.1
References
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved