Medium Severity

Security Bulletin: i2 Analyse and Analyst's Notebook Premium have hyperlink clicking vulnerability (CVE-2021-29770)

Share this post:

IBM i2 Analyse and Analyst’s Notebook Premium are vulnerable to malicious hyperlinks in certain data fields

CVE(s): CVE-2021-29770

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM i2 Analyze IBM i2 Analyze 4.3.1
IBM i2 Analyze IBM i2 Analyze 4.3.0
IBM i2 Analyze IBM i2 Analyze 4.3.2

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6474877
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/202771

More stories

Security Bulletin: Multiple vulnerabilities in Apache HTTP Server affect IBM i

Sep 24, 2021 8:00 pm EDT | Medium Severity

Apache HTTP Server on IBM i is vulnerabile to the issues described in the vulnerability details section. IBM i has addressed the vulnerabilities in the Apache HTTP Server implementation as described in the remediation/fixes section. ...read more


Security Bulletin: Rational Asset Analyzer is affected by a WebSphere Application Server vulnerability.

Sep 23, 2021 8:00 pm EDT | Medium Severity

WebSphere Application Server Liberty used by Rational Asset Analyzer is vulnerable to an XML External Entity Injection (XXE) vulnerability. This has been addressed. ...read more


Security Bulletin: IBM Jazz for Service Management is vulnerable to stored cross-site scripting (CVE-2021-38877)

Sep 22, 2021 8:04 pm EDT | Medium Severity

IBM Jazz for Service Management is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. ...read more