← volver
CVE-2021-20432

CVE-2021-20432

CVSS 6.5 MEDIUMEPSS 0.7%
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 6.5EPSS 0.7%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
26 abr 2021Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
IBM Spectrum Protect Plus 10.1.0 through 10.1.7 uses Cross-Origin Resource Sharing (CORS) which could allow an attacker to carry out privileged actions and retrieve sensitive information as the domain name is not being limited to only trusted domains. IBM X-Force ID: 196344.
CVSS:3.0/AV:N/UI:N/I:L/S:U/A:N/C:L/PR:N/AC:L/RC:C/RL:O/E:U
Productos afectados
IBM · Spectrum Protect Plus