CVE-2021-3723 HIGH

CVE-2021-3723

Vendor Ibm
Product IBM System x 3550 M3
Weakness CWE-78
Published November 12, 2021
Last update August 3, 2024

CVSS base score

7.2/10
Attack vector Network
Attack complexity Low
Privileges required High
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

A command injection vulnerability was reported in the Integrated Management Module (IMM) of legacy IBM System x 3550 M3 and IBM System x 3650 M3 servers that could allow the execution of operating system commands over an authenticated SSH or Telnet session.

Key dates

02Disclosure timeline

November 12, 2021 CVE published
August 3, 2024 Record updated