Sensitive Information Exposure in IBM i2 iBase Software
CVE-2021-29868
4MEDIUM
Summary
IBM i2 iBase versions 8.9.13 and 9.0.0 are susceptible to a security vulnerability that allows a local attacker to obtain sensitive information. This occurs due to insufficient session expiration mechanisms. To mitigate this issue, it is essential for users of the affected versions to implement appropriate security measures and stay updated with the latest patches.
Affected Version(s)
i2 iBase 8.9.13
i2 iBase 9.0.0
References
CVSS V3.1
Score:
4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved