CVE-2021-29696 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2021-29696

CWE

https://cwe.mitre.org/data/definitions/.html

IBM Cloud Pak for Security (CP4S) 1.5.0.0, 1.5.1.0, 1.6.0.0, 1.6.1.0, 1.7.0.0, and 1.7.1.0 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request.

Affected Software

Name	Vendor	Start Version	End Version
Cloud_pak_for_security	Ibm	1.5.0.0 (including)	1.5.0.0 (including)
Cloud_pak_for_security	Ibm	1.5.0.1 (including)	1.5.0.1 (including)
Cloud_pak_for_security	Ibm	1.6.0.0 (including)	1.6.0.0 (including)
Cloud_pak_for_security	Ibm	1.6.1.0 (including)	1.6.1.0 (including)
Cloud_pak_for_security	Ibm	1.7.0.0 (including)	1.7.0.0 (including)
Cloud_pak_for_security	Ibm	1.7.1.0 (including)	1.7.1.0 (including)

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/200597
https://www.ibm.com/support/pages/node/6476940