CVE-2021-20491 MEDIUM

CVE-2021-20491

Vendor Ibm
Product Spectrum Protect Server
Published April 16, 2021
Last update September 16, 2024

CVSS base score

4.4/10
Attack vector Local
Attack complexity Low
Privileges required High
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.0/I:N/A:H/UI:N/C:N/S:U/AV:L/AC:L/PR:H/RL:O/E:U/RC:C

What the vulnerability does

01Description

IBM Spectrum Protect Server 7.1 and 8.1 is subject to a stack-based buffer overflow caused by improper bounds checking during the parsing of commands. By issuing such a command with an improper parameter, an authorized administrator could overflow a buffer and cause the server to crash. IBM X-Force ID: 197792.

Key dates

02Disclosure timeline

April 16, 2021 CVE published
September 16, 2024 Record updated