CVE-2021-38930

3 documents3 sources

Severity

7.5HIGH

EPSS

0.2%

top 52.05%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Hardware Management Console IBM System Storage Ds8000 Management Console Firmware

Timeline

PublishedApr 11

Latest updateApr 12

Description

IBM System Storage DS8000 Management Console (HMC) R8.5 88.5x.x.x, R9.1 89.1x.0.0, and R9.2 89.2x.0.0 could allow a remote attacker to obtain sensitive information through unpublished URLs. IBM X-Force ID: 210331.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

▶NVDibm/system_storage_ds8000_management_console_firmware88.50.0.0, 89.10.0.0, 89.20.0.0+2

▶CVEListV5ibm/hardware_management_consoleR8.5 88.5x.x.x, R9.1 89.1x.0.0, R9.2 89.2x.0.0+2

🔴Vulnerability Details

GHSA

GHSA-rq6w-7m8g-gv5v: IBM System Storage DS8000 Management Console (HMC) R8↗2022-04-12

▶

CVEList

CVE-2021-38930: IBM System Storage DS8000 Management Console (HMC) R8↗2022-04-11

▶