Vulnerability Details CVE-2021-29749
IBM Secure External Authentication Server 6.0.2 and IBM Secure Proxy 6.0.2 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 201777.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 47.6%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 5.5
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/201777
- https://www.ibm.com/support/pages/node/6471621
- https://www.ibm.com/support/pages/node/6471623
- https://exchange.xforce.ibmcloud.com/vulnerabilities/201777
- https://www.ibm.com/support/pages/node/6471621
- https://www.ibm.com/support/pages/node/6471623
Products affected by CVE-2021-29749
-
cpe:2.3:a:ibm:secure_external_authentication_server:6.0.2
-
cpe:2.3:a:ibm:sterling_secure_proxy:6.0.2