Sensitive Information Exposure in IBM i2 iBase Software
CVE-2021-29868

4MEDIUM

Key Information:

Vendor
IBM
Status
Vendor
CVE Published:
27 October 2021

Summary

IBM i2 iBase versions 8.9.13 and 9.0.0 are susceptible to a security vulnerability that allows a local attacker to obtain sensitive information. This occurs due to insufficient session expiration mechanisms. To mitigate this issue, it is essential for users of the affected versions to implement appropriate security measures and stay updated with the latest patches.

Affected Version(s)

i2 iBase 8.9.13

i2 iBase 9.0.0

References

CVSS V3.1

Score:
4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.