CVE-2021-29859 is a vulnerability in IBM Cloud Pak Business Automation
Published on May 2, 2022
IBM ICP4A - User Management System Component (IBM Cloud Pak for Business Automation V21.0.3 through V21.0.3-IF008, V21.0.2 through V21.0.2-IF009, and V21.0.1 through V21.0.1-IF007) could allow a user with physical access to the system to perform unauthorized actions or obtain sensitive information due to insufficient validation and recvocation another user logouting out. IBM X-Force ID: 206081.
Products Associated with CVE-2021-29859
Want to know whenever a new CVE is published for IBM Cloud Pak Business Automation? stack.watch will email you.
Affected Versions
IBM Cloud Pak for Business Automation:- Version 18.0.0 is affected.
- Version 18.0.1 is affected.
- Version 18.0.2 is affected.
- Version 19.0.1 is affected.
- Version 19.0.2 is affected.
- Version 19.0.3 is affected.
- Version 20.0.1 is affected.
- Version 20.0.2 is affected.
- Version 20.0.3 is affected.
- Version 21.0.1 is affected.
- Version 21.0.2 is affected.
- Version 21.0.3 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.