Input Validation Flaw in IBM i2 Analyst's Notebook Premium
CVE-2021-29770

4.1MEDIUM

Key Information:

Vendor: IBM
Status: I2 Analyze
Vendor: CVE Published:; 26 July 2021

What is CVE-2021-29770?

IBM i2 Analyst's Notebook Premium versions 4.3.0, 4.3.1, and 4.3.2 are susceptible to an input validation failure that can enable authenticated users to carry out unauthorized actions. This flaw points to security oversights where user-provided input can lead to potential exploitation, compromising the integrity of the system. For more information, visit the official IBM support page or IBM X-Force Exchange.

Affected Version(s)

i2 Analyze 4.3.0

i2 Analyze 4.3.1

i2 Analyze 4.3.2

References

https://www.ibm.com/support/pages/node/6474877

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/202771

vdb-entryx_refsource_XF

CVSS V3.1

Score:

4.1

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 26, 2021
Vulnerability Reserved
Mar 31, 2021