CVE-2021-29873

Summary

CVE	CVE-2021-29873
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2021-10-21 17:15:00 UTC
Updated	2022-07-12 17:42:00 UTC
Description	IBM Flash System 900 could allow an authenticated attacker to obtain sensitive information and cause a denial of service due to a restricted shell escape vulnerability. IBM X-Force ID: 206229.

Risk And Classification

Problem Types: NVD-CWE-noinfo

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Hardware	Ibm	Flashsystem 9000	-	All	All	All
Operating System	Ibm	Flashsystem 9000 Firmware	All	All	All	All
Hardware	Ibm	Flashsystem 9100	-	All	All	All
Operating System	Ibm	Flashsystem 9100 Firmware	All	All	All	All
Operating System	Ibm	San Volume Controller Firmware	All	All	All	All
Application	Ibm	Spectrum Virtualize	All	All	All	All
Application	Ibm	Spectrum Virtualize For Public Cloud	All	All	All	All
Application	Ibm	Storwize V3500 Software	All	All	All	All
Application	Ibm	Storwize V3700 Software	All	All	All	All
Application	Ibm	Storwize V5000 Software	All	All	All	All
Application	Ibm	Storwize V5100 Software	All	All	All	All
Application	Ibm	Storwize V7000 Software	All	All	All	All

References

Reference	Source	Link	Tags
IBM X-Force Exchange	XF	exchange.xforce.ibmcloud.com
Security Bulletin: A vulnerability exists in the restricted shell of the IBM FlashSystem 900	CONFIRM	www.ibm.com
Security Bulletin: Vulnerability in sed affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem V9000 products	CONFIRM	www.ibm.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.