Vulnerabilities > IBM > I2 Analyze > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-26 | CVE-2021-20430 | Information Exposure Through an Error Message vulnerability in IBM I2 Analyze 4.3.0/4.3.1/4.3.2 IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 5.3 |
| 2021-07-26 | CVE-2021-29766 | Information Exposure Through an Error Message vulnerability in IBM I2 Analyze 4.3.0/4.3.1/4.3.2 IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 5.3 |
| 2021-07-26 | CVE-2021-29769 | Cleartext Transmission of Sensitive Information vulnerability in IBM I2 Analyze 4.3.0/4.3.1/4.3.2 IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) does not set the secure attribute on authorization tokens or session cookies. | 4.3 |
| 2021-07-26 | CVE-2021-29770 | Improper Input Validation vulnerability in IBM I2 Analyze 4.3.0/4.3.1/4.3.2 IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) could allow an authenticated user to perform unauthorized actions due to hazardous input validation. | 6.5 |
| 2021-07-26 | CVE-2021-29784 | Information Exposure Through an Error Message vulnerability in IBM I2 Analyze 4.3.0/4.3.1/4.3.2 IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 4.3 |