VDB
CVE-2021-42550
CVE-2021-42550
PUBLISHED
CVSS 6.900000095367432 MEDIUM
In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
EPSS 2.73% · 86.2th percentile
Risk Scores
CVSS v4.0
6.900000095367432
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS Score
2.73%
86.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| IBM | IBM Spectrum Protect Plus 10.1 | |
| NetApp | NetApp ActiveIQ Unified Manager | |
| Red Hat | Red Hat FUSE <7.11.0 | |
| Red Hat | Red Hat Enterprise Linux | |
| Juniper | Juniper Junos Space <21.3R1 | |
| Juniper | Juniper Contrail Service Orchestration | |
| IBM | IBM Spectrum Protect plus 10.1 | |
| SUSE | SUSE Linux | |
| Hitachi | Hitachi Ops Center | |
| IBM | IBM QRadar SIEM | |
| JFrog | JFrog Artifactory | |
| Red Hat | Red Hat JBoss Enterprise Application Platform <7.1.10 | |
| Juniper | Juniper Junos Space Security Director <24.1R4 | |
| EMC | EMC Avamar | |
| IBM | IBM QRadar SIEM 7.4 | |
| Open Source | Open Source Logback <1.2.9 | |
| Open Source | Open Source Logback <1.3.0-alpha11 | |
| IBM | IBM QRadar SIEM 7.5 | |
| Red Hat | Red Hat JBoss Enterprise Application Platform <7.3.13 | |
| Debian | Debian Linux |
…and 5 more
Timeline
- Dec 16, 2021 CVE Published
- Dec 20, 2021 EPSS Score
- Jan 8, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 12, 2022 EPSS Score
- May 31, 2022 EPSS Score
- Jul 25, 2022 EPSS Score
- Oct 1, 2022 EPSS Score
- Nov 11, 2022 EPSS Score
- Feb 27, 2023 EPSS Score
- Jun 15, 2023 EPSS Score
- Oct 1, 2023 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2021/wid-sec-w-2022-0572.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0572 advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2033560 advisory
- https://jira.qos.ch/browse/LOGBACK-1591 advisory
- https://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2022-107/index.html advisory
- https://access.redhat.com/errata/RHSA-2022:1108 advisory
- https://access.redhat.com/errata/RHSA-2022:1110 advisory
- https://access.redhat.com/errata/RHSA-2022:5498 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-May/014769.html advisory
- https://www.ibm.com/support/pages/node/7153639 advisory
- https://ubuntu.com/security/notices/USN-7616-1 advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-1461.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1461 advisory
- https://www.ibm.com/support/pages/node/7005589 advisory
- https://www.ibm.com/support/pages/node/6620211 advisory
- https://www.ibm.com/support/pages/node/6619915 advisory
- https://www.ibm.com/support/pages/node/6621141 advisory
- https://www.ibm.com/support/pages/node/6619963 advisory
- https://www.ibm.com/support/pages/node/6621115 advisory
- https://www.ibm.com/support/pages/node/6619919 advisory
…and 57 more