Remote Access Vulnerability in IBM Spectrum Copy Data Management
CVE-2021-39052

5.6MEDIUM

Key Information:

Vendor: IBM
Status: Spectrum Copy Data Management
Vendor: CVE Published:; 13 December 2021

Summary

IBM Spectrum Copy Data Management versions 2.2.13 and earlier are vulnerable to unauthorized remote access through the Spring Boot console. Attackers may exploit this weakness to gain control over sensitive information and operational capabilities within the affected system. This vulnerability highlights the critical need for proper access controls to protect against potential threats.

Affected Version(s)

Spectrum Copy Data Management 2.2.13

References

https://www.ibm.com/support/pages/node/6525554

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/214523

vdb-entryx_refsource_XF

CVSS V3.1

Score:

5.6

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 13, 2021
Vulnerability Reserved
Aug 16, 2021