CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0CVE-2021-29784
https://notcve.org/view.php?id=CVE-2021-29784
26 Jul 2021 — IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 203168. IBM i2 Analyze versiones4.3.0, 4.3.1 y 4.3.2, podrían permitir a un atacante remoto obtener información confidencial cuando se devuelve un mensaje de error técnico detallado en el navegador. Esta información podría ser usada en otros ataques contra ... • https://exchange.xforce.ibmcloud.com/vulnerabilities/203168 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-29770
https://notcve.org/view.php?id=CVE-2021-29770
26 Jul 2021 — IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) could allow an authenticated user to perform unauthorized actions due to hazardous input validation. IBM X-Force ID: 202771. IBM i2 Analyst's Notebook Premium (IBM i2 Analyze versiones 4.3.0, 4.3.1 y 4.3.2) podría permitir a un usuario autenticado llevar a cabo acciones no autorizadas debido a una comprobación de entrada peligrosa. IBM X-Force ID: 202771 • https://exchange.xforce.ibmcloud.com/vulnerabilities/202771 • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0CVE-2021-29769
https://notcve.org/view.php?id=CVE-2021-29769
26 Jul 2021 — IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 202769. IBM i2 Analyst's Notebook Premium (IBM i2 Analyze versiones 4.3.0, 4.3.1 y 4.3.... • https://exchange.xforce.ibmcloud.com/vulnerabilities/202769 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0CVE-2021-29766
https://notcve.org/view.php?id=CVE-2021-29766
26 Jul 2021 — IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 202680. IBM i2 Analyst's Notebook Premium (IBM i2 Analyze versiones 4.3.0, 4.3.1 y 4.3.2) podría permitir a un atacante remoto obtener información confidencial cuando se devuelve un mensaje de error técnico detallado en e... • https://exchange.xforce.ibmcloud.com/vulnerabilities/202680 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0CVE-2021-20430
https://notcve.org/view.php?id=CVE-2021-20430
26 Jul 2021 — IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 196341. IBM i2 Analyst's Notebook Premium (IBM i2 Analyze versiones 4.3.0, 4.3.1 y 4.3.2) podría permitir a un atacante remoto obtener información confidencial cuando se devuelve un mensaje de error técnico detallado en e... • https://exchange.xforce.ibmcloud.com/vulnerabilities/196341 • CWE-209: Generation of Error Message Containing Sensitive Information •