// For flags

CVE-2021-29847

 

Severity Score

5.9
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

BMC firmware (IBM Power System S821LC Server (8001-12C) OP825.50) configuration changed to allow an authenticated user to open an insecure communication channel which could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 205267.

La configuración del firmware de BMC (IBM Power System S821LC Server (8001-12C) OP825.50) ha cambiado para permitir que un usuario autenticado abra un canal de comunicación no seguro que podría permitir a un atacante conseguir información confidencial usando técnicas de tipo man in the middle. IBM X-Force ID: 205267

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Partial
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2021-03-31 CVE Reserved
  • 2021-12-15 CVE Published
  • 2023-07-08 EPSS Updated
  • 2024-09-16 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Ibm
Search vendor "Ibm"
Power Hardware Management Console \(7063-cr1\) Firmware
Search vendor "Ibm" for product "Power Hardware Management Console \(7063-cr1\) Firmware"
< op825.51
Search vendor "Ibm" for product "Power Hardware Management Console \(7063-cr1\) Firmware" and version " < op825.51"
-
Affected
in Ibm
Search vendor "Ibm"
Power Hardware Management Console \(7063-cr1\)
Search vendor "Ibm" for product "Power Hardware Management Console \(7063-cr1\)"
--
Safe
Ibm
Search vendor "Ibm"
Power System Cs822lc \(8005-22n\) Firmware
Search vendor "Ibm" for product "Power System Cs822lc \(8005-22n\) Firmware"
< op825.51
Search vendor "Ibm" for product "Power System Cs822lc \(8005-22n\) Firmware" and version " < op825.51"
-
Affected
in Ibm
Search vendor "Ibm"
Power System Cs822lc \(8005-22n\)
Search vendor "Ibm" for product "Power System Cs822lc \(8005-22n\)"
--
Safe
Ibm
Search vendor "Ibm"
Power System Cs821lc \(8005-12n\) Firmware
Search vendor "Ibm" for product "Power System Cs821lc \(8005-12n\) Firmware"
< op825.51
Search vendor "Ibm" for product "Power System Cs821lc \(8005-12n\) Firmware" and version " < op825.51"
-
Affected
in Ibm
Search vendor "Ibm"
Power System Cs821lc \(8005-12n\)
Search vendor "Ibm" for product "Power System Cs821lc \(8005-12n\)"
--
Safe
Ibm
Search vendor "Ibm"
Power System S822lc \(8001-22c\) Firmware
Search vendor "Ibm" for product "Power System S822lc \(8001-22c\) Firmware"
< op825.51
Search vendor "Ibm" for product "Power System S822lc \(8001-22c\) Firmware" and version " < op825.51"
-
Affected
in Ibm
Search vendor "Ibm"
Power System S822lc \(8001-22c\)
Search vendor "Ibm" for product "Power System S822lc \(8001-22c\)"
--
Safe
Ibm
Search vendor "Ibm"
Power System S821lc \(8001-12c\) Firmware
Search vendor "Ibm" for product "Power System S821lc \(8001-12c\) Firmware"
< op825.51
Search vendor "Ibm" for product "Power System S821lc \(8001-12c\) Firmware" and version " < op825.51"
-
Affected
in Ibm
Search vendor "Ibm"
Power System S821lc \(8001-12c\)
Search vendor "Ibm" for product "Power System S821lc \(8001-12c\)"
--
Safe