VYPR

i2 Analyze

by IBM

CVEs (5)

  • CVE-2021-29784Jul 26, 2021
    risk 0.00cvss epss 0.01

    IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 203168.

  • CVE-2021-29770Jul 26, 2021
    risk 0.00cvss epss 0.01

    IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) could allow an authenticated user to perform unauthorized actions due to hazardous input validation. IBM X-Force ID: 202771.

  • CVE-2021-29769Jul 26, 2021
    risk 0.00cvss epss 0.01

    IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user…

  • CVE-2021-29766Jul 26, 2021
    risk 0.00cvss epss 0.01

    IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM…

  • CVE-2021-20430Jul 26, 2021
    risk 0.00cvss epss 0.01

    IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM…