Memory Corruption Flaw in IBM i2 Analyst Notebook Products
CVE-2020-4723

7.8HIGH

Key Information:

Vendor
IBM
Status
I2 Analyst Notebook
Vendor
CVE Published:
29 October 2020

Summary

A memory corruption vulnerability exists in IBM i2 Analyst Notebook versions 9.2.0 and 9.2.1. This flaw could be exploited by local attackers who convince a victim to open a maliciously crafted file, potentially allowing the execution of arbitrary code on the affected system. This exploitation can lead to significant security risks if not addressed. Always ensure your software is updated to mitigate such vulnerabilities.

Affected Version(s)

i2 Analyst Notebook 9.2.1

i2 Analyst Notebook 9.2.0

References

https://www.ibm.com/support/pages/node/6356497
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/187873
vdb-entryx_refsource_XF

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.