Vulnerabilities > CVE-2021-20431 - Insufficient Session Expiration vulnerability in IBM I2 Analysts Notebook 9.2.0/9.2.1/9.2.2

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
low complexity
ibm
CWE-613
NVD
Published: 2021-07-26
Updated: 2021-08-04

Summary

IBM i2 Analyst's Notebook Premium 9.2.0, 9.2.1, and 9.2.2 does not invalidate session after logout which could allow an an attacker to obtain sensitive information from the system. IBM X-Force ID: 196342.

Vulnerable Configurations

Part Description Count
Application
Ibm
3
OS
Linux
1
OS
Microsoft
1

Common Weakness Enumeration (CWE)

References