Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Ibm Subscribe
Filtered by product I2 Analyze
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-29769 3 Ibm, Linux, Microsoft 3 I2 Analyze, Linux Kernel, Windows 2023-12-10 4.3 MEDIUM 4.3 MEDIUM
IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 202769.
CVE-2021-29766 3 Ibm, Linux, Microsoft 3 I2 Analyze, Linux Kernel, Windows 2023-12-10 5.0 MEDIUM 5.3 MEDIUM
IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 202680.
CVE-2021-29770 3 Ibm, Linux, Microsoft 3 I2 Analyze, Linux Kernel, Windows 2023-12-10 4.0 MEDIUM 6.5 MEDIUM
IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) could allow an authenticated user to perform unauthorized actions due to hazardous input validation. IBM X-Force ID: 202771.
CVE-2021-20430 3 Ibm, Linux, Microsoft 3 I2 Analyze, Linux Kernel, Windows 2023-12-10 5.0 MEDIUM 5.3 MEDIUM
IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 196341.
CVE-2021-29784 3 Ibm, Linux, Microsoft 3 I2 Analyze, Linux Kernel, Windows 2023-12-10 4.0 MEDIUM 4.3 MEDIUM
IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 203168.