Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM7EE5C4097558DFF01800D22836D13A927486548205B1640B5EB5F0F855A06BDF
HistoryJul 23, 2021 - 2:27 p.m.

Security Bulletin: IBM i2 iBase vulnerable to DLL highjacking (CVE-2020-4623)

2021-07-2314:27:58
www.ibm.com
11
dll highjacking
arbitrary code execution
ibm i2 ibase
vulnerability
cve-2020-4623

EPSS

0

Percentile

5.1%

JSON

Summary

i2 iBase is vulnerable to DLL highjacking attacks.

Vulnerability Details

CVEID:CVE-2020-4623
**DESCRIPTION:**IBM i2 iBase could allow a local authenticated attacker to execute arbitrary code on the system, caused by a DLL search order hijacking flaw. By using a specially-crafted .DLL file, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 7.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/184984 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H)

Affected Products and Versions

Affected Product(s) Version(s)
IBM i2 iBase 8.9.13

Remediation/Fixes

Please visit your IBM customer portal to upgrade to iBase 9

Workarounds and Mitigations

None

Related

prion 1
cnvd 1
cve 1
cvelist 1
nvd 1
prion
prion
Code injection
2021-07-26 12:15:00
cnvd
cnvd
IBM i2 iBase Code Execution Vulnerability
2021-07-27 00:00:00
cve
cve
CVE-2020-4623
2021-07-26 12:15:08
cvelist
cvelist
CVE-2020-4623
2021-07-26 12:10:32
nvd
nvd
CVE-2020-4623
2021-07-26 12:15:08

EPSS

0

Percentile

5.1%

JSON
Related for 7EE5C4097558DFF01800D22836D13A927486548205B1640B5EB5F0F855A06BDF
prion1cnvd1cve1cvelist1nvd1