VYPR

i2 iBase

by IBM

CVEs (4)

  • CVE-2020-4588HigOct 30, 2020
    risk 0.51cvss 7.8epss 0.01

    IBM i2 iBase 8.9.13 could allow an attacker to upload arbitrary executable files which, when executed by an unsuspecting victim could result in code execution. IBM X-Force ID: 184579.

  • CVE-2020-4584HigOct 30, 2020
    risk 0.49cvss 7.5epss 0.01

    IBM i2 iBase 8.9.13 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 184574.

  • CVE-2020-4623MedJul 26, 2021
    risk 0.42cvss 6.5epss 0.00

    IBM i2 iBase 8.9.13 could allow a local authenticated attacker to execute arbitrary code on the system, caused by a DLL search order hijacking flaw. By using a specially-crafted .DLL file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM…

  • CVE-2021-29868MedOct 27, 2021
    risk 0.36cvss 5.5epss 0.00

    IBM i2 iBase 8.9.13 and 9.0.0 could allow a local attacker to obtain sensitive information due to insufficient session expiration. IBM X-Force ID: 206213.