CVE-2021-29847

Published: Dic 15, 2021 Last Modified: Nov 21, 2024 EU-VD ID: EUVD-2021-16321 Aliases: GSD-2021-29847
ExploitDB:
Other exploit source:
Google Dorks:
MEDIUM 5,3
Source: [email protected]
Attack Vector: network
Attack Complexity: high
Privileges Required: none
User Interaction: required
Scope: unchanged
Confidentiality: high
Integrity: none
Availability: none
MEDIUM 4,3
Source: [email protected]
Access Vector: network
Access Complexity: medium
Authentication: none
Confidentiality: partial
Integrity: none
Availability: none

Description

AI Translation Available

BMC firmware (IBM Power System S821LC Server (8001-12C) OP825.50) configuration changed to allow an authenticated user to open an insecure communication channel which could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 205267.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0018
Percentile
0,4th
Updated

EPSS Score Trend (Last 91 Days)

Operating System

Power System Cs821Lc \(8005-12N\) Firmware by Ibm

Product Information
Vendor Ibm
Product Power System Cs821Lc \(8005-12N\) Firmware
Version Range Affected
To op825.51 (exclusive)
cpe:2.3:o:ibm:power_system_cs821lc_\(8005-12n\)_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Power System Cs822Lc \(8005-22N\) Firmware by Ibm

Product Information
Vendor Ibm
Product Power System Cs822Lc \(8005-22N\) Firmware
Version Range Affected
To op825.51 (exclusive)
cpe:2.3:o:ibm:power_system_cs822lc_\(8005-22n\)_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Power System S821Lc \(8001-12C\) Firmware by Ibm

Product Information
Vendor Ibm
Product Power System S821Lc \(8001-12C\) Firmware
Version Range Affected
To op825.51 (exclusive)
cpe:2.3:o:ibm:power_system_s821lc_\(8001-12c\)_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Power Hardware Management Console \(7063-Cr1\) Firmware by Ibm

Product Information
Vendor Ibm
Product Power Hardware Management Console \(7063-Cr1\) Firmware
Version Range Affected
To op825.51 (exclusive)
cpe:2.3:o:ibm:power_hardware_management_console_\(7063-cr1\)_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Power System S822Lc \(8001-22C\) Firmware by Ibm

Product Information
Vendor Ibm
Product Power System S822Lc \(8001-22C\) Firmware
Version Range Affected
To op825.51 (exclusive)
cpe:2.3:o:ibm:power_system_s822lc_\(8001-22c\)_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://exchange.xforce.ibmcloud.com/vulnerabilities/205267
VDB Entry Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/205267
https://www.ibm.com/support/pages/node/6520420
Vendor Advisory
https://www.ibm.com/support/pages/node/6520420
https://exchange.xforce.ibmcloud.com/vulnerabilities/205267
VDB Entry Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/205267
https://www.ibm.com/support/pages/node/6520420
Vendor Advisory
https://www.ibm.com/support/pages/node/6520420