CVE-2020-4623
CVE-2020-4623
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7.7EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
26 Jul 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
IBM i2 iBase 8.9.13 could allow a local authenticated attacker to execute arbitrary code on the system, caused by a DLL search order hijacking flaw. By using a specially-crafted .DLL file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 184984.
CVSS:3.0/A:H/I:H/AC:L/C:H/UI:R/AV:L/PR:H/S:C/E:U/RC:C/RL:O
Affected products
IBM · i2 iBase