Lucene search

IbmCVELIST:CVE-2021-38999

HistoryNov 30, 2021 - 4:45 p.m.

CVE-2021-38999

2021-11-3016:45:18

ibm

www.cve.org

ibm mq appliance

sensitive information

data trace

CVSS3

5.1

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

AI Score

5.3

Confidence

High

EPSS

Percentile

5.1%

JSON

IBM MQ Appliance could allow a local attacker to obtain sensitive information by inclusion of sensitive data within trace.

CNA Affected

[
  {
    "product": "MQ Appliance",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "9.2.0.0"
      },
      {
        "status": "affected",
        "version": "9.2.1"
      },
      {
        "status": "affected",
        "version": "9.2.0.1"
      },
      {
        "status": "affected",
        "version": "9.2.2"
      },
      {
        "status": "affected",
        "version": "9.2.0.2"
      },
      {
        "status": "affected",
        "version": "9.2.0.3"
      },
      {
        "status": "affected",
        "version": "9.2.3"
      }
    ]
  }
]

References

exchange.xforce.ibmcloud.com/vulnerabilities/213214

www.ibm.com/support/pages/node/6519418

CVSS3

5.1

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

AI Score

5.3

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVELIST:CVE-2021-38999