CVE-2021-29708

CWE-269Improper Privilege Management3 documents3 sources
Severity
6.7MEDIUM
EPSS
0.0%
top 85.22%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Spectrum Scale
Timeline
PublishedMay 25
Latest updateMay 24

Description

IBM Spectrum Scale 5.1.0.1 could allow a local with access to the GUI pod container to obtain sensitive cryptographic keys that could allow them to elevate their privileges. IBM X-Force ID: 200883.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5ibm/spectrum_scale5.1.0.1
NVDibm/spectrum_scale5.1.0.1

🔴Vulnerability Details

2
GHSA
GHSA-9vmj-vgqx-pv6v: IBM Spectrum Scale 52022-05-24
CVEList
CVE-2021-29708: IBM Spectrum Scale 52021-05-25
CVE-2021-29708 (MEDIUM CVSS 6.7) | IBM Spectrum Scale 5.1.0.1 could al | cvebase.io