Vulnerability Details CVE-2021-29873
IBM Flash System 900 could allow an authenticated attacker to obtain sensitive information and cause a denial of service due to a restricted shell escape vulnerability. IBM X-Force ID: 206229.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 61.6%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 5.5
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/206229
- https://www.ibm.com/support/pages/node/6497111
- https://www.ibm.com/support/pages/node/6507091
- https://exchange.xforce.ibmcloud.com/vulnerabilities/206229
- https://www.ibm.com/support/pages/node/6497111
- https://www.ibm.com/support/pages/node/6507091
Products affected by CVE-2021-29873
-
cpe:2.3:a:ibm:spectrum_virtualize:7.8.0.0
-
cpe:2.3:a:ibm:spectrum_virtualize:7.8.0.1
-
cpe:2.3:a:ibm:spectrum_virtualize:7.8.0.2
-
cpe:2.3:a:ibm:spectrum_virtualize:7.8.1.0
-
cpe:2.3:a:ibm:spectrum_virtualize:7.8.1.1
-
cpe:2.3:a:ibm:spectrum_virtualize:7.8.1.10
-
cpe:2.3:a:ibm:spectrum_virtualize:7.8.1.11
-
cpe:2.3:a:ibm:spectrum_virtualize:7.8.1.12
-
cpe:2.3:a:ibm:spectrum_virtualize:7.8.1.2
-
cpe:2.3:a:ibm:spectrum_virtualize:7.8.1.3
-
cpe:2.3:a:ibm:spectrum_virtualize:7.8.1.4
-
cpe:2.3:a:ibm:spectrum_virtualize:7.8.1.5
-
cpe:2.3:a:ibm:spectrum_virtualize:7.8.1.6
-
cpe:2.3:a:ibm:spectrum_virtualize:7.8.1.7
-
cpe:2.3:a:ibm:spectrum_virtualize:7.8.1.8
-
cpe:2.3:a:ibm:spectrum_virtualize:7.8.1.9
-
cpe:2.3:a:ibm:spectrum_virtualize:8.1.0.0
-
cpe:2.3:a:ibm:spectrum_virtualize:8.1.0.1
-
cpe:2.3:a:ibm:spectrum_virtualize:8.1.0.2
-
cpe:2.3:a:ibm:spectrum_virtualize:8.1.1.0
-
cpe:2.3:a:ibm:spectrum_virtualize:8.1.1.1
-
cpe:2.3:a:ibm:spectrum_virtualize:8.1.1.2
-
cpe:2.3:a:ibm:spectrum_virtualize:8.1.2.0
-
cpe:2.3:a:ibm:spectrum_virtualize:8.1.2.1
-
cpe:2.3:a:ibm:spectrum_virtualize:8.1.3.5
-
cpe:2.3:a:ibm:spectrum_virtualize:8.1.3.6
-
cpe:2.3:a:ibm:spectrum_virtualize:8.2.0.0
-
cpe:2.3:a:ibm:spectrum_virtualize:8.2.1.4
-
cpe:2.3:a:ibm:spectrum_virtualize:8.2.1.5
-
cpe:2.3:a:ibm:spectrum_virtualize:8.2.1.6
-
cpe:2.3:a:ibm:spectrum_virtualize:8.3.0.0
-
cpe:2.3:a:ibm:spectrum_virtualize:8.3.0.1
-
cpe:2.3:a:ibm:spectrum_virtualize:8.3.0.2
-
cpe:2.3:a:ibm:spectrum_virtualize:8.3.0.3
-
cpe:2.3:a:ibm:spectrum_virtualize:8.3.1
-
cpe:2.3:a:ibm:spectrum_virtualize:8.3.1.1
-
cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:7.8.0.0
-
cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:7.8.0.1
-
cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:7.8.0.2
-
cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:7.8.1.0
-
cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:7.8.1.1
-
cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:7.8.1.10
-
cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:7.8.1.11
-
cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:7.8.1.12
-
cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:7.8.1.2
-
cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:7.8.1.3
-
cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:7.8.1.4
-
cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:7.8.1.5
-
cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:7.8.1.6
-
cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:7.8.1.7
-
cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:7.8.1.8
-
cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:7.8.1.9
-
cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:8.1.0.0
-
cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:8.1.0.1
-
cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:8.1.0.2
-
cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:8.1.1.0
-
cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:8.1.1.1
-
cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:8.1.1.2
-
cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:8.1.2.0
-
cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:8.1.2.1
-
cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:8.1.3.5
-
cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:8.1.3.6
-
cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:8.2.1.4
-
cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:8.2.1.5
-
cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:8.2.1.6
-
cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:8.3.0.0
-
cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:8.3.0.1
-
cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:8.3.0.2
-
cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:8.3.0.3
-
cpe:2.3:a:ibm:spectrum_virtualize_for_public_cloud:8.3.1.1
-
cpe:2.3:a:ibm:storwize_v3500_software:7.8.0.0
-
cpe:2.3:a:ibm:storwize_v3500_software:7.8.0.1
-
cpe:2.3:a:ibm:storwize_v3500_software:7.8.0.2
-
cpe:2.3:a:ibm:storwize_v3500_software:7.8.1.0
-
cpe:2.3:a:ibm:storwize_v3500_software:7.8.1.1
-
cpe:2.3:a:ibm:storwize_v3500_software:7.8.1.2
-
cpe:2.3:a:ibm:storwize_v3500_software:7.8.1.3
-
cpe:2.3:a:ibm:storwize_v3500_software:7.8.1.4
-
cpe:2.3:a:ibm:storwize_v3500_software:7.8.1.5
-
cpe:2.3:a:ibm:storwize_v3500_software:7.8.1.6
-
cpe:2.3:a:ibm:storwize_v3500_software:8.1.0.0
-
cpe:2.3:a:ibm:storwize_v3500_software:8.1.0.1
-
cpe:2.3:a:ibm:storwize_v3500_software:8.1.0.2
-
cpe:2.3:a:ibm:storwize_v3500_software:8.1.1.0
-
cpe:2.3:a:ibm:storwize_v3500_software:8.1.1.1
-
cpe:2.3:a:ibm:storwize_v3500_software:8.1.1.2
-
cpe:2.3:a:ibm:storwize_v3700_software:7.8.0.0
-
cpe:2.3:a:ibm:storwize_v3700_software:7.8.0.1
-
cpe:2.3:a:ibm:storwize_v3700_software:7.8.0.2
-
cpe:2.3:a:ibm:storwize_v3700_software:7.8.1.0
-
cpe:2.3:a:ibm:storwize_v3700_software:7.8.1.1
-
cpe:2.3:a:ibm:storwize_v3700_software:7.8.1.2
-
cpe:2.3:a:ibm:storwize_v3700_software:7.8.1.3
-
cpe:2.3:a:ibm:storwize_v3700_software:7.8.1.4
-
cpe:2.3:a:ibm:storwize_v3700_software:7.8.1.5
-
cpe:2.3:a:ibm:storwize_v3700_software:7.8.1.6
-
cpe:2.3:a:ibm:storwize_v3700_software:8.1.0.0
-
cpe:2.3:a:ibm:storwize_v3700_software:8.1.0.1
-
cpe:2.3:a:ibm:storwize_v3700_software:8.1.0.2
-
cpe:2.3:a:ibm:storwize_v3700_software:8.1.1.0
-
cpe:2.3:a:ibm:storwize_v3700_software:8.1.1.1
-
cpe:2.3:a:ibm:storwize_v3700_software:8.1.1.2
-
cpe:2.3:a:ibm:storwize_v5000_software:*
-
cpe:2.3:a:ibm:storwize_v5100_software:*
-
cpe:2.3:a:ibm:storwize_v7000_software:*
-
cpe:2.3:h:ibm:flashsystem_9000:-
-
cpe:2.3:h:ibm:flashsystem_9100:-
-
cpe:2.3:o:ibm:flashsystem_9000_firmware:*
-
cpe:2.3:o:ibm:flashsystem_9100_firmware:*
-
cpe:2.3:o:ibm:san_volume_controller_firmware:7.8.0.0
-
cpe:2.3:o:ibm:san_volume_controller_firmware:7.8.0.1
-
cpe:2.3:o:ibm:san_volume_controller_firmware:7.8.0.2
-
cpe:2.3:o:ibm:san_volume_controller_firmware:7.8.1.0
-
cpe:2.3:o:ibm:san_volume_controller_firmware:7.8.1.1
-
cpe:2.3:o:ibm:san_volume_controller_firmware:7.8.1.10
-
cpe:2.3:o:ibm:san_volume_controller_firmware:7.8.1.11
-
cpe:2.3:o:ibm:san_volume_controller_firmware:7.8.1.12
-
cpe:2.3:o:ibm:san_volume_controller_firmware:7.8.1.2
-
cpe:2.3:o:ibm:san_volume_controller_firmware:7.8.1.3
-
cpe:2.3:o:ibm:san_volume_controller_firmware:7.8.1.4
-
cpe:2.3:o:ibm:san_volume_controller_firmware:7.8.1.5
-
cpe:2.3:o:ibm:san_volume_controller_firmware:7.8.1.6
-
cpe:2.3:o:ibm:san_volume_controller_firmware:7.8.1.7
-
cpe:2.3:o:ibm:san_volume_controller_firmware:7.8.1.8
-
cpe:2.3:o:ibm:san_volume_controller_firmware:7.8.1.9
-
cpe:2.3:o:ibm:san_volume_controller_firmware:8.1
-
cpe:2.3:o:ibm:san_volume_controller_firmware:8.1.0.0
-
cpe:2.3:o:ibm:san_volume_controller_firmware:8.1.0.1
-
cpe:2.3:o:ibm:san_volume_controller_firmware:8.1.0.2
-
cpe:2.3:o:ibm:san_volume_controller_firmware:8.1.1.0
-
cpe:2.3:o:ibm:san_volume_controller_firmware:8.1.1.1
-
cpe:2.3:o:ibm:san_volume_controller_firmware:8.1.1.2
-
cpe:2.3:o:ibm:san_volume_controller_firmware:8.1.2.0
-
cpe:2.3:o:ibm:san_volume_controller_firmware:8.1.2.1
-
cpe:2.3:o:ibm:san_volume_controller_firmware:8.1.3.5
-
cpe:2.3:o:ibm:san_volume_controller_firmware:8.1.3.6
-
cpe:2.3:o:ibm:san_volume_controller_firmware:8.2.1.4
-
cpe:2.3:o:ibm:san_volume_controller_firmware:8.2.1.5
-
cpe:2.3:o:ibm:san_volume_controller_firmware:8.2.1.6
-
cpe:2.3:o:ibm:san_volume_controller_firmware:8.3.0.0
-
cpe:2.3:o:ibm:san_volume_controller_firmware:8.3.0.1
-
cpe:2.3:o:ibm:san_volume_controller_firmware:8.3.0.2
-
cpe:2.3:o:ibm:san_volume_controller_firmware:8.3.0.3
-
cpe:2.3:o:ibm:san_volume_controller_firmware:8.3.1
-
cpe:2.3:o:ibm:san_volume_controller_firmware:8.3.1.1