Memory Corruption in IBM i2 Analyst Notebook 9.2.0 and 9.2.1
CVE-2020-4722
7.8HIGH
Summary
IBM i2 Analyst Notebook versions 9.2.0 and 9.2.1 are affected by a memory corruption vulnerability that may allow local attackers to execute arbitrary code on the system. This security risk arises when a victim opens a specially-crafted file, enabling the attacker to exploit the memory issue and gain unauthorized control over the machine. It is essential for users of affected versions to apply the necessary security patches to mitigate this risk.
Affected Version(s)
i2 Analyst Notebook 9.2.1
i2 Analyst Notebook 9.2.0
References
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved