PT-2020-18150 · Ibm · Ibm I2 Ibase
Chris Shepherd
+7
·
Published
2020-10-30
·
Updated
2022-09-30
·
CVE-2020-4588
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
IBM i2 iBase version 8.9.13
Description
The issue allows an attacker to upload arbitrary executable files. When these files are executed by an unsuspecting victim, it could result in code execution.
Recommendations
For IBM i2 iBase version 8.9.13, update to a version that includes a fix for this issue to prevent arbitrary code execution.
Fix
Unrestricted File Upload
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm I2 Ibase