Medium Severity

Security Bulletin: Insufficient session expiration in IBM i2 iBase

Share this post:

IBM i2 iBase provides insufficient login sessioon timeouts

CVE(s): CVE-2021-29868

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM i2 iBase All
IBM i2 iBase 9.0.0
IBM i2 iBase 8.9.13

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6508776
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/206213

More stories

Security Bulletin: Multiple vulnerabilities may affect IBM® Semeru Runtime

Dec 2, 2021 7:01 pm EST | Medium Severity

This bulletin covers all applicable Java SE CVEs published by OpenJDK as part of their October 2021 Vulnerability Advisory, plus CVE-2021-41035. For more information please refer to OpenJDK's October 2021 Vulnerability Advisory and the X-Force database entries referenced below. ...read more


Security Bulletin: This Power System update is being released to address CVE 2020-16166

Dec 2, 2021 7:00 pm EST | Medium Severity

POWER9: In response to a security issue with BMC's network service, a new Power System firmware update is being released to address Common Vulnerabilities and Exposures issue number CVE 2020-16166. ...read more


Security Bulletin: Security Vulnerabilities in IBM SDK, Java Technology Edition Quarterly CPU – Oct 2020 – affect multiple IBM Continuous Engineering products based on IBM Jazz Technology

Dec 1, 2021 7:02 pm EST | Medium Severity

There are multiple vulnerabilities in IBM SDK, Java Technology Edition Quarterly CPU - Oct 2020 - Includes Oracle Oct 2020 CPU minus CVE-2020-14781 and CVE-2020-14782 and CVE-2020-14782 that are used by IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Global Configuration Management (GCM). These issues were disclosed as part of the IBM Java SDK updates in Oct 2020. ...read more