CVE-2021-29859
CVE-2021-29859
Vexday Risk Score
8Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 3.5EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
02 mai 2022Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
IBM ICP4A - User Management System Component (IBM Cloud Pak for Business Automation V21.0.3 through V21.0.3-IF008, V21.0.2 through V21.0.2-IF009, and V21.0.1 through V21.0.1-IF007) could allow a user with physical access to the system to perform unauthorized actions or obtain sensitive information due to insufficient validation and recvocation another user logouting out. IBM X-Force ID: 206081.
CVSS:3.0/S:U/A:N/AV:P/PR:N/AC:L/C:L/I:L/UI:N/RC:C/E:U/RL:O
Produtos afetados
IBM · Cloud Pak for Business Automation