Vulnerability Database

290,301

Total vulnerabilities in the database

CVE-2021-29859

IBM ICP4A - User Management System Component (IBM Cloud Pak for Business Automation V21.0.3 through V21.0.3-IF008, V21.0.2 through V21.0.2-IF009, and V21.0.1 through V21.0.1-IF007) could allow a user with physical access to the system to perform unauthorized actions or obtain sensitive information due to insufficient validation and recvocation another user logouting out. IBM X-Force ID: 206081.

  • Published: May 2, 2022
  • Updated: Apr 14, 2023
  • CVE: CVE-2021-29859
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 6.8
  • AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

  • Severity: Low
  • Score: 4.6
  • AV:L/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Software From Fixed in
ibm / cloud_pak_for_business_automation 21.0.1-interim_fix_007 21.0.1-interim_fix_007.x
ibm / cloud_pak_for_business_automation 21.0.1-interim_fix_004 21.0.1-interim_fix_004.x
ibm / cloud_pak_for_business_automation 21.0.1 21.0.1.x
ibm / cloud_pak_for_business_automation 21.0.1-interim_fix_002 21.0.1-interim_fix_002.x
ibm / cloud_pak_for_business_automation 21.0.1-interim_fix_003 21.0.1-interim_fix_003.x
ibm / cloud_pak_for_business_automation 21.0.1-interim_fix_006 21.0.1-interim_fix_006.x
ibm / cloud_pak_for_business_automation 21.0.1-interim_fix_005 21.0.1-interim_fix_005.x
ibm / cloud_pak_for_business_automation 21.0.1-interim_fix_001 21.0.1-interim_fix_001.x
ibm / cloud_pak_for_business_automation 21.0.2-interim_fix_009 21.0.2-interim_fix_009.x
ibm / cloud_pak_for_business_automation 21.0.2-interim_fix_007 21.0.2-interim_fix_007.x
ibm / cloud_pak_for_business_automation 21.0.2-interim_fix_004 21.0.2-interim_fix_004.x
ibm / cloud_pak_for_business_automation 21.0.2-interim_fix_008 21.0.2-interim_fix_008.x
ibm / cloud_pak_for_business_automation 21.0.2 21.0.2.x
ibm / cloud_pak_for_business_automation 21.0.2-interim_fix_002 21.0.2-interim_fix_002.x
ibm / cloud_pak_for_business_automation 21.0.2-interim_fix_003 21.0.2-interim_fix_003.x
ibm / cloud_pak_for_business_automation 21.0.2-interim_fix_006 21.0.2-interim_fix_006.x
ibm / cloud_pak_for_business_automation 21.0.2-interim_fix_005 21.0.2-interim_fix_005.x
ibm / cloud_pak_for_business_automation 21.0.2-interim_fix_001 21.0.2-interim_fix_001.x
ibm / cloud_pak_for_business_automation 21.0.3-interim_fix_003 21.0.3-interim_fix_003.x
ibm / cloud_pak_for_business_automation 21.0.3-interim_fix_006 21.0.3-interim_fix_006.x
ibm / cloud_pak_for_business_automation 21.0.3-interim_fix_005 21.0.3-interim_fix_005.x
ibm / cloud_pak_for_business_automation 21.0.3-interim_fix_001 21.0.3-interim_fix_001.x
ibm / cloud_pak_for_business_automation 21.0.3-interim_fix_007 21.0.3-interim_fix_007.x
ibm / cloud_pak_for_business_automation 21.0.3-interim_fix_004 21.0.3-interim_fix_004.x
ibm / cloud_pak_for_business_automation 21.0.3-interim_fix_008 21.0.3-interim_fix_008.x
ibm / cloud_pak_for_business_automation 21.0.3 21.0.3.x
ibm / cloud_pak_for_business_automation 21.0.3-interim_fix_002 21.0.3-interim_fix_002.x