CVE-2021-29908 — CRITICAL (9.8)

Vulnerability Description

The IBM TS7700 Management Interface is vulnerable to unauthenticated access. By accessing a specially-crafted URL, an attacker may gain administrative access to the Management Interface without authentication. IBM X-Force ID: 207747.

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Ibm	Ts7700 Firmware	8.51.0.63
Ibm	Ts7700	-

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/207747VDB EntryVendor Advisory
https://www.ibm.com/support/pages/node/6495469Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/207747VDB EntryVendor Advisory
https://www.ibm.com/support/pages/node/6495469Vendor Advisory

FAQ

What is CVE-2021-29908?

CVE-2021-29908 is a vulnerability with a CVSS score of 9.8 (CRITICAL). The IBM TS7700 Management Interface is vulnerable to unauthenticated access. By accessing a specially-crafted URL, an attacker may gain administrative access to the Management Interface without authen...

How severe is CVE-2021-29908?

CVE-2021-29908 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2021-29908?

Check the references section above for vendor advisories and patch information. Affected products include: Ibm Ts7700 Firmware, Ibm Ts7700.