Information Disclosure Vulnerability in IBM Spectrum Protect Operations Center
CVE-2021-38901

5.1MEDIUM

Key Information:

Vendor: IBM
Status: Spectrum Protect Operations Center
Vendor: CVE Published:; 13 December 2021

Summary

IBM Spectrum Protect Operations Center 7.1, when configured in specific ways, may enable a local user to access highly sensitive information that should be protected, resulting in potential unauthorized exposure of confidential data. Administrators are urged to review their configurations and apply recommended security practices to mitigate the risk associated with this vulnerability.

Affected Version(s)

Spectrum Protect Operations Center 7.1

References

https://www.ibm.com/support/pages/node/6524924

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/209610

vdb-entryx_refsource_XF

CVSS V3.1

Score:

5.1

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 13, 2021
Vulnerability Reserved
Aug 16, 2021