CVE-2020-4468

Опубликовано: 14 мая 2020

Источник: nvd

CVSS3: 7.8

CVSS2: 9.3

EPSS Низкий

Описание

IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by memory corruption. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash. IBM X-Force ID: 181723.

Ссылки

https://exchange.xforce.ibmcloud.com/vulnerabilities/181723
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/6209081
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/181723
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/6209081
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:ibm:i2_analysts_notebook:9.2.1:*:*:*:-:*:*:*

cpe:2.3:a:ibm:i2_analysts_notebook:9.2.1:*:*:*:premium:*:*:*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

EPSS

Процентиль: 80%

0.01324

Низкий

7.8 High

CVSS3

7.8 High

CVSS3

9.3 Critical

CVSS2

Дефекты

CWE-787

Связанные уязвимости

GHSA-h77r-523x-wxpw

github

больше 3 лет назад

EPSS

Процентиль: 80%

0.01324

Низкий

7.8 High

CVSS3

7.8 High

CVSS3

9.3 Critical

CVSS2

Дефекты

CWE-787