CVE-2021-38971

Published: Mar 14, 2022Modified: Nov 21, 2024

4.9

Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Exploitability: 1.2 / Impact: 3.6

Source: NVD

Description

IBM Data Virtualization on Cloud Pak for Data 1.3.0, 1.4.1, 1.5.0, 1.7.1 and 1.7.3 could allow an authorized user to bypass data masking rules and obtain sensitve information. IBM X-Force ID: 212620.

Affected (4)

Products: Ibm: Data Virtualization On Cloud Pak For Data

Ibm

1 product

Data Virtualization On Cloud Pak For Data

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Ibm Data Virtualization On Cloud Pak For Data	From 1.7.1 to 1.7.3
Ibm Data Virtualization On Cloud Pak For Data	Version 1.3.0
Ibm Data Virtualization On Cloud Pak For Data	Version 1.4.1
Ibm Data Virtualization On Cloud Pak For Data	Version 1.5.0

References (4)

https://exchange.xforce.ibmcloud.com/vulnerabilities/212620

Source: psirt@us.ibm.com

VDB EntryVendor Advisory

https://www.ibm.com/support/pages/node/6551076

Source: psirt@us.ibm.com

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/212620

Source: af854a3a-2127-422b-91ae-364da2661108

VDB EntryVendor Advisory

https://www.ibm.com/support/pages/node/6551076

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.