Denial of Service Vulnerability in IBM Engineering Requirements Quality Assistant
CVE-2021-29899

6.5MEDIUM

Key Information:

Vendor: IBM
Status: Engineering Requirements Quality Assistant
Vendor: CVE Published:; 18 March 2022

Summary

IBM Engineering Requirements Quality Assistant prior to version 3.1.3 is vulnerable to a Denial of Service (DoS) attack. An authenticated user could exploit this vulnerability to disrupt the availability of the service, potentially leaving it inaccessible to legitimate users. Organizations using affected versions should consider upgrading to mitigate the risk of service interruption. For further information, refer to the official IBM documentation and vulnerability database entries.

Affected Version(s)

Engineering Requirements Quality Assistant On-Premises

References

https://www.ibm.com/support/pages/node/6564317

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/207413

vdb-entryx_refsource_XF

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 18, 2022
Vulnerability Reserved
Mar 31, 2021