Sensitive Information Disclosure in IBM i2 iBase Product
CVE-2020-4584

3.3LOW

Key Information:

Vendor: IBM
Status: I2 Ibase
Vendor: CVE Published:; 30 October 2020

Summary

The IBM i2 iBase 8.9.13 is susceptible to a vulnerability that may permit remote attackers to glean sensitive information when an overly detailed technical error message is displayed in the browser. This data, potentially leveraged in subsequent attacks, poses significant risks to the integrity and confidentiality of the affected systems.

Affected Version(s)

i2 iBase 8.9.13

References

https://www.ibm.com/support/pages/node/6357065

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/184574

vdb-entryx_refsource_XF

CVSS V3.1

Score:

3.3

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 30, 2020
Vulnerability Reserved
Dec 30, 2019