Ibm: >> I2 Ibase Security Vulnerabilities
IBM i2 iBase 8.9.13 and 9.0.0 could allow a local attacker to obtain sensitive information due to insufficient session expiration. IBM X-Force ID: 206213.
CVSS Score
4.0
EPSS Score
0.0
Published
2021-10-27
IBM i2 iBase 8.9.13 could allow a local authenticated attacker to execute arbitrary code on the system, caused by a DLL search order hijacking flaw. By using a specially-crafted .DLL file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 184984.
CVSS Score
7.7
EPSS Score
0.001
Published
2021-07-26
IBM i2 iBase 8.9.13 could allow an attacker to upload arbitrary executable files which, when executed by an unsuspecting victim could result in code execution. IBM X-Force ID: 184579.
CVSS Score
7.7
EPSS Score
0.004
Published
2020-10-30
IBM i2 iBase 8.9.13 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 184574.
CVSS Score
3.3
EPSS Score
0.002
Published
2020-10-30