Vulnerability Details CVE-2021-39063
IBM Spectrum Protect Plus 10.1.0.0 through 10.1.8.x uses Cross-Origin Resource Sharing (CORS) which could allow an attacker to carry out privileged actions and retrieve sensitive information due to a misconfiguration in access control headers. IBM X-Force ID: 214956.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 25.2%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 6.4
References
Products affected by CVE-2021-39063
-
cpe:2.3:a:ibm:spectrum_protect_plus:10.1.0
-
cpe:2.3:a:ibm:spectrum_protect_plus:10.1.1
-
cpe:2.3:a:ibm:spectrum_protect_plus:10.1.1.142
-
cpe:2.3:a:ibm:spectrum_protect_plus:10.1.2
-
cpe:2.3:a:ibm:spectrum_protect_plus:10.1.2.209
-
cpe:2.3:a:ibm:spectrum_protect_plus:10.1.2.219
-
cpe:2.3:a:ibm:spectrum_protect_plus:10.1.2.247
-
cpe:2.3:a:ibm:spectrum_protect_plus:10.1.2.271
-
cpe:2.3:a:ibm:spectrum_protect_plus:10.1.2.303
-
cpe:2.3:a:ibm:spectrum_protect_plus:10.1.2.350
-
cpe:2.3:a:ibm:spectrum_protect_plus:10.1.3
-
cpe:2.3:a:ibm:spectrum_protect_plus:10.1.3.236
-
cpe:2.3:a:ibm:spectrum_protect_plus:10.1.3.286
-
cpe:2.3:a:ibm:spectrum_protect_plus:10.1.4
-
cpe:2.3:a:ibm:spectrum_protect_plus:10.1.4.145
-
cpe:2.3:a:ibm:spectrum_protect_plus:10.1.4.179
-
cpe:2.3:a:ibm:spectrum_protect_plus:10.1.4.222
-
cpe:2.3:a:ibm:spectrum_protect_plus:10.1.4.254
-
cpe:2.3:a:ibm:spectrum_protect_plus:10.1.4.277
-
cpe:2.3:a:ibm:spectrum_protect_plus:10.1.5
-
cpe:2.3:a:ibm:spectrum_protect_plus:10.1.5.2130
-
cpe:2.3:a:ibm:spectrum_protect_plus:10.1.5.2153
-
cpe:2.3:a:ibm:spectrum_protect_plus:10.1.5.2181
-
cpe:2.3:a:ibm:spectrum_protect_plus:10.1.5.2199
-
cpe:2.3:a:ibm:spectrum_protect_plus:10.1.6
-
cpe:2.3:a:ibm:spectrum_protect_plus:10.1.7
-
cpe:2.3:a:ibm:spectrum_protect_plus:10.1.8
-
cpe:2.3:a:ibm:spectrum_protect_plus:10.1.8.1
-
cpe:2.3:o:linux:linux_kernel:-