4.3.2

CVSS 4.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

ibm

CWE-862

NVD

Published: 2021-07-26

Updated: 2021-08-03

Summary

IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) could allow an authenticated user to perform unauthorized actions due to hazardous input validation. IBM X-Force ID: 202771.

Vulnerable Configurations

Part	Description	Count
Application	Ibm IBM I2 Analyze 4.3.1 IBM I2 Analyze 4.3.2 IBM I2 Analyze 4.3.0	3
OS	Microsoft Microsoft Windows -	1
OS	Linux Linux Linux Kernel -	1

Common Weakness Enumeration (CWE)

CWE-862 - Missing Authorization

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/202771
https://www.ibm.com/support/pages/node/6474877