CVE-2021-39051
CVE-2021-39051
Vexday Risk Score
13Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 4.8EPSS 0.8%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
14 mar 2022Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 is vulnerable to server-side request forgery, caused by improper input of application server registration function. A remote attacker could exploit this vulnerability using the host address and port fields of the application server registration form in the portal UI to enumerate and attack services that are running on those hosts. IBM X-Force ID: 214441.
CVSS:3.0/AV:N/S:U/AC:H/UI:N/I:L/PR:N/A:N/C:L/RC:C/RL:O/E:U
Produtos afetados
IBM · Spectrum Copy Data Management