Lucene search

IbmCVELIST:CVE-2020-4584

HistoryOct 30, 2020 - 1:50 p.m.

CVE-2020-4584

2020-10-3013:50:16

ibm

www.cve.org

ibm i2 ibase

remote attack

sensitive information

CVSS3

3.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C

AI Score

Confidence

High

EPSS

0.003

Percentile

70.4%

JSON

IBM i2 iBase 8.9.13 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 184574.

CNA Affected

[
  {
    "product": "i2 iBase",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "8.9.13"
      }
    ]
  }
]

References

exchange.xforce.ibmcloud.com/vulnerabilities/184574

www.ibm.com/support/pages/node/6357065

CVSS3

3.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C

AI Score

Confidence

High

EPSS

0.003

Percentile

70.4%

JSON

Related for CVELIST:CVE-2020-4584