Vulnerability Description
IBM Spectrum Protect Plus 10.1.0.0 through 10.1.8.x uses Cross-Origin Resource Sharing (CORS) which could allow an attacker to carry out privileged actions and retrieve sensitive information due to a misconfiguration in access control headers. IBM X-Force ID: 214956.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Spectrum Protect Plus | >= 10.1.0, < 10.1.9 |
| Linux | Linux Kernel | - |
Related Weaknesses (CWE)
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/214956VDB EntryVendor Advisory
- https://www.ibm.com/support/pages/node/6525346PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/214956VDB EntryVendor Advisory
- https://www.ibm.com/support/pages/node/6525346PatchVendor Advisory
FAQ
What is CVE-2021-39063?
CVE-2021-39063 is a vulnerability with a CVSS score of 9.1 (CRITICAL). IBM Spectrum Protect Plus 10.1.0.0 through 10.1.8.x uses Cross-Origin Resource Sharing (CORS) which could allow an attacker to carry out privileged actions and retrieve sensitive information due to a ...
How severe is CVE-2021-39063?
CVE-2021-39063 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2021-39063?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Spectrum Protect Plus, Linux Linux Kernel.