{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T13:14:22.873","vulnerabilities":[{"cve":{"id":"CVE-2020-4623","sourceIdentifier":"psirt@us.ibm.com","published":"2021-07-26T12:15:08.317","lastModified":"2024-11-21T05:33:00.270","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"IBM i2 iBase 8.9.13 could allow a local authenticated attacker to execute arbitrary code on the system, caused by a DLL search order hijacking flaw. By using a specially-crafted .DLL file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 184984."},{"lang":"es","value":"IBM i2 iBase versión 8.9.13, podría permitir a un atacante local autenticado ejecutar código arbitrario en el sistema, causado por un fallo de secuestro del orden de búsqueda de la DLL. Al usar un archivo .DLL especialmente diseñado, un atacante podría explotar esta vulnerabilidad para ejecutar código arbitrario en el sistema. IBM X-Force ID: 184984"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.6,"impactScore":5.9}],"cvssMetricV30":[{"source":"psirt@us.ibm.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.1,"impactScore":6.0}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:M/Au:N/C:P/I:P/A:P","baseScore":4.4,"accessVector":"LOCAL","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.4,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-427"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:i2_ibase:8.9.13:*:*:*:*:*:*:*","matchCriteriaId":"FC25801D-B8EB-497D-AF2F-F52A3DD38C52"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/184984","source":"psirt@us.ibm.com","tags":["VDB Entry","Vendor Advisory"]},{"url":"https://www.ibm.com/support/pages/node/6474857","source":"psirt@us.ibm.com","tags":["Patch","Vendor Advisory"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/184984","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["VDB Entry","Vendor Advisory"]},{"url":"https://www.ibm.com/support/pages/node/6474857","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}