VDB
CVE-2021-38875
CVE-2021-38875
PUBLISHED
CVSS 4 MEDIUM
De multiples vulnérabilités ont été corrigées dans les produits <span class="textit">IBM</span>. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une injection de code indirecte à distance (XSS) et une atteinte à la confidentialité des données.
EPSS 0.20% · 41.8th percentile
Risk Scores
CVSS 2.0
4
EPSS Score
0.20%
41.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| IBM | Sterling Connect:Direct | |
| ibm | mq | 8.0.0.0, 9.0.0.0, 9.1.0 |
| n/a | Apache POI | Apache POI up to 4.1.0 |
| IBM | Sterling |
Exploit Intelligence
- [tika-user] 20191105 Is tika-parsers exposed to CVE-2019-12415 (circl)
- [tika-user] 20191105 Re: Is tika-parsers exposed to CVE-2019-12415 (circl)
- [tika-user] 20191106 Re: Is tika-parsers exposed to CVE-2019-12415 (circl)
- [lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1 (circl)
- https://www.oracle.com/security-alerts/cpuapr2020.html (circl)
- https://www.oracle.com/security-alerts/cpujul2020.html (circl)
- https://www.oracle.com/security-alerts/cpujan2020.html (circl)
- https://lists.apache.org/thread.html/13a54b6a03369cfb418a699180ffb83bd727320b6ddfec198b9b728e%40%3Cannounce.apache.org%3E (circl)
- https://www.oracle.com/security-alerts/cpuoct2020.html (circl)
- https://www.oracle.com/security-alerts/cpujan2021.html (circl)
…and 115 more exploits
Timeline
- Jun 28, 2021 PoC Published
- Nov 23, 2021 CVE Published
- Nov 24, 2021 EPSS Score
- Nov 25, 2021 EPSS Score
- Dec 11, 2021 PoC Published
- Dec 13, 2021 PoC Published
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Mar 14, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 8, 2022 EPSS Score
- Jun 7, 2022 PoC Published
References
- [tika-user] 20191105 Is tika-parsers exposed to CVE-2019-12415 mailing-list
- [tika-user] 20191105 Re: Is tika-parsers exposed to CVE-2019-12415 mailing-list
- [tika-user] 20191106 Re: Is tika-parsers exposed to CVE-2019-12415 mailing-list
- [lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1 mailing-list
- https://www.oracle.com/security-alerts/cpuapr2020.html url
- https://www.oracle.com/security-alerts/cpujul2020.html url
- https://www.oracle.com/security-alerts/cpujan2020.html url
- https://lists.apache.org/thread.html/13a54b6a03369cfb418a699180ffb83bd727320b6ddfec198b9b728e%40%3Cannounce.apache.org%3E url
- https://www.oracle.com/security-alerts/cpuoct2020.html url
- https://www.oracle.com/security-alerts/cpujan2021.html url
- https://www.oracle.com/security-alerts/cpuApr2021.html url
- https://www.oracle.com//security-alerts/cpujul2021.html url
- https://www.oracle.com/security-alerts/cpuoct2021.html url
- https://nvd.nist.gov/vuln/detail/CVE-2021-38875 advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/208398 url
- https://www.ibm.com/support/pages/node/6517672 url