CVE-2021-29697 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2021-29697

CWE

https://cwe.mitre.org/data/definitions/.html

IBM Cloud Pak for Security (CP4S) 1.5.0.0, 1.5.1.0, 1.6.0.0, 1.6.1.0, 1.7.0.0, and 1.7.1.0 could allow a remote authenticated attacker to obtain sensitive information through HTTP requests that could be used in further attacks against the system.

Affected Software

Name	Vendor	Start Version	End Version
Cloud_pak_for_security	Ibm	1.5.0.0 (including)	1.5.0.0 (including)
Cloud_pak_for_security	Ibm	1.5.0.1 (including)	1.5.0.1 (including)
Cloud_pak_for_security	Ibm	1.6.0.0 (including)	1.6.0.0 (including)
Cloud_pak_for_security	Ibm	1.6.1.0 (including)	1.6.1.0 (including)
Cloud_pak_for_security	Ibm	1.7.0.0 (including)	1.7.0.0 (including)
Cloud_pak_for_security	Ibm	1.7.1.0 (including)	1.7.1.0 (including)

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/200598
https://www.ibm.com/support/pages/node/6476940