CVE-2021-29672

8.4HIGH

Key Information:

Vendor: IBM
Status: Spectrum Protect For Space Management
Vendor: CVE Published:; 26 April 2021

Summary

IBM Spectrum Protect Client 8.1.0.0-8 through 1.11.0 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking when processing the current locale settings. A local attacker could overflow a buffer and execute arbitrary code on the system with elevated privileges or cause the application to crash. IBM X-Force ID: 199479

Affected Version(s)

Spectrum Protect for Space Management 8.1.0.0

Spectrum Protect for Space Management 8.1.11.0

References

https://www.ibm.com/support/pages/node/6445497

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/199479

vdb-entryx_refsource_XF

https://security.gentoo.org/glsa/202209-02

vendor-advisoryx_refsource_GENTOO

CVSS V3.1

Score:

8.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 26, 2021
Vulnerability Reserved
Mar 31, 2021

.