CVE-2021-39016 — MEDIUM (4.3)

Vulnerability Description

IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 does not sufficiently monitor or control transmitted network traffic volume, so that an actor can cause the software to transmit more traffic than should be allowed for that actor. IBM X-Force ID: 213722.

CVSS Score

4.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

LOW

Availability

NONE

Affected Products

Vendor	Product	Versions
Ibm	Engineering Lifecycle Optimization - Publishing	6.0.6
Ibm	Engineering Lifecycle Optimization Publishing	7.0
Linux	Linux Kernel	-
Microsoft	Windows	-

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/213722VDB EntryVendor Advisory
https://www.ibm.com/support/pages/node/6603335PatchVendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/213722VDB EntryVendor Advisory
https://www.ibm.com/support/pages/node/6603335PatchVendor Advisory

FAQ

What is CVE-2021-39016?

CVE-2021-39016 is a vulnerability with a CVSS score of 4.3 (MEDIUM). IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 does not sufficiently monitor or control transmitted network traffic volume, so that an actor can cause the so...

How severe is CVE-2021-39016?

CVE-2021-39016 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-39016?

Check the references section above for vendor advisories and patch information. Affected products include: Ibm Engineering Lifecycle Optimization - Publishing, Ibm Engineering Lifecycle Optimization Publishing, Linux Linux Kernel, Microsoft Windows.