Lucene search

IbmCVELIST:CVE-2021-29908

HistoryOct 06, 2021 - 5:50 p.m.

CVE-2021-29908

2021-10-0617:50:16

ibm

www.cve.org

ibm

ts7700

management interface

unauthenticated access

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C

AI Score

9.1

Confidence

High

EPSS

0.002

Percentile

51.5%

JSON

The IBM TS7700 Management Interface is vulnerable to unauthenticated access. By accessing a specially-crafted URL, an attacker may gain administrative access to the Management Interface without authentication. IBM X-Force ID: 207747.

CNA Affected

[
  {
    "product": "Virtualization Engine TS7700 3957-VED",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "8.51.0.63"
      },
      {
        "status": "affected",
        "version": "8.51.1.26"
      },
      {
        "status": "affected",
        "version": "8.52.100.32"
      }
    ]
  },
  {
    "product": "Virtualization Engine TS7700 3957-VEC",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "8.51.0.63"
      },
      {
        "status": "affected",
        "version": "8.51.1.26"
      },
      {
        "status": "affected",
        "version": "8.52.100.32"
      }
    ]
  }
]

References

exchange.xforce.ibmcloud.com/vulnerabilities/207747

www.ibm.com/support/pages/node/6495469

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C

AI Score

9.1

Confidence

High

EPSS

0.002

Percentile

51.5%

JSON

Related for CVELIST:CVE-2021-29908