Memory Corruption Flaw in IBM i2 Analyst Notebook Products
CVE-2020-4723

7.8HIGH

Key Information:

Vendor
IBM
Vendor
CVE Published:
29 October 2020

Summary

A memory corruption vulnerability exists in IBM i2 Analyst Notebook versions 9.2.0 and 9.2.1. This flaw could be exploited by local attackers who convince a victim to open a maliciously crafted file, potentially allowing the execution of arbitrary code on the affected system. This exploitation can lead to significant security risks if not addressed. Always ensure your software is updated to mitigate such vulnerabilities.

Affected Version(s)

i2 Analyst Notebook 9.2.1

i2 Analyst Notebook 9.2.0

References

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.