Unrated severityNVD Advisory· Published Apr 26, 2021· Updated Sep 16, 2024

CVE-2021-20432

Description

IBM Spectrum Protect Plus 10.1.0 through 10.1.7 uses Cross-Origin Resource Sharing (CORS) which could allow an attacker to carry out privileged actions and retrieve sensitive information as the domain name is not being limited to only trusted domains. IBM X-Force ID: 196344.

Affected products

IBM/Spectrum Protect Servercpe-rescue
Range: 10.1.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

exchange.xforce.ibmcloud.com/vulnerabilities/196344mitrevdb-entryx_refsource_XF
www.ibm.com/support/pages/node/6445733mitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000