9.8

CVE-2021-38969

IBM Spectrum Virtualize 8.2, 8.3, and 8.4 could allow an attacker to allow unauthorized access due to the reuse of support generated credentials. IBM X-Force ID: 212609.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmSpectrum Virtualize Version8.2.0.0
IbmSpectrum Virtualize Version8.3.0.0
IbmSpectrum Virtualize Version8.4.0.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.68% 0.479
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
psirt@us.ibm.com 5.6 2.2 3.4
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
CWE-798 Use of Hard-coded Credentials

The product contains hard-coded credentials, such as a password or cryptographic key.

https://exchange.xforce.ibmcloud.com/vulnerabilities/212609
Vendor Advisory
VDB Entry
https://www.ibm.com/support/pages/node/6584337
Vendor Advisory