Code Execution Risk in IBM i2 iBase by Arbitrary File Upload
CVE-2020-4588
7.7HIGH
Summary
The vulnerability in IBM i2 iBase 8.9.13 allows an attacker to upload arbitrary executable files. If executed by an unsuspecting victim, this could lead to unauthorized code execution within the victim's environment. Attackers exploiting this vulnerability can manipulate the file upload process, potentially compromising sensitive information and system integrity.
Affected Version(s)
i2 iBase 8.9.13
References
CVSS V3.1
Score:
7.7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved