Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for Data Virtualization on Cloud Pak for Data by IBM

    CVE-2021-38971 (GCVE-0-2021-38971)

    Vulnerability from nvd – Published: 2022-03-14 17:00 – Updated: 2024-09-17 01:06
    VLAI
    Summary
    IBM Data Virtualization on Cloud Pak for Data 1.3.0, 1.4.1, 1.5.0, 1.7.1 and 1.7.3 could allow an authorized user to bypass data masking rules and obtain sensitve information. IBM X-Force ID: 212620.
    CWE
    • Obtain Information
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Data Virtualization on Cloud Pak for Data Affected: 1.3.0
    Affected: 1.5.0
    Affected: 1.7.1
    Affected: 1.7.3
    Affected: 1.4.1
    Create a notification for this product.
    Date Public
    2022-03-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T01:51:20.825Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.ibm.com/support/pages/node/6551076"
              },
              {
                "name": "ibm-cp-cve202138971-info-disc (212620)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/212620"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Data Virtualization on Cloud Pak for Data",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.3.0"
                },
                {
                  "status": "affected",
                  "version": "1.5.0"
                },
                {
                  "status": "affected",
                  "version": "1.7.1"
                },
                {
                  "status": "affected",
                  "version": "1.7.3"
                },
                {
                  "status": "affected",
                  "version": "1.4.1"
                }
              ]
            }
          ],
          "datePublic": "2022-03-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM Data Virtualization on Cloud Pak for Data 1.3.0, 1.4.1, 1.5.0, 1.7.1 and 1.7.3 could allow an authorized user to bypass data masking rules and obtain sensitve information. IBM X-Force ID: 212620."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitCodeMaturity": "UNPROVEN",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "remediationLevel": "OFFICIAL_FIX",
                "reportConfidence": "CONFIRMED",
                "scope": "UNCHANGED",
                "temporalScore": 4.3,
                "temporalSeverity": "MEDIUM",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/S:U/I:N/UI:N/AC:L/PR:H/C:H/AV:N/A:N/RC:C/RL:O/E:U",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Obtain Information",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-03-14T17:00:21.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.ibm.com/support/pages/node/6551076"
            },
            {
              "name": "ibm-cp-cve202138971-info-disc (212620)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/212620"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "DATE_PUBLIC": "2022-03-11T00:00:00",
              "ID": "CVE-2021-38971",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Data Virtualization on Cloud Pak for Data",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "1.3.0"
                              },
                              {
                                "version_value": "1.5.0"
                              },
                              {
                                "version_value": "1.7.1"
                              },
                              {
                                "version_value": "1.7.3"
                              },
                              {
                                "version_value": "1.4.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM Data Virtualization on Cloud Pak for Data 1.3.0, 1.4.1, 1.5.0, 1.7.1 and 1.7.3 could allow an authorized user to bypass data masking rules and obtain sensitve information. IBM X-Force ID: 212620."
                }
              ]
            },
            "impact": {
              "cvssv3": {
                "BM": {
                  "A": "N",
                  "AC": "L",
                  "AV": "N",
                  "C": "H",
                  "I": "N",
                  "PR": "H",
                  "S": "U",
                  "UI": "N"
                },
                "TM": {
                  "E": "U",
                  "RC": "C",
                  "RL": "O"
                }
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Obtain Information"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.ibm.com/support/pages/node/6551076",
                  "refsource": "CONFIRM",
                  "title": "IBM Security Bulletin 6551076 (Data Virtualization on Cloud Pak for Data)",
                  "url": "https://www.ibm.com/support/pages/node/6551076"
                },
                {
                  "name": "ibm-cp-cve202138971-info-disc (212620)",
                  "refsource": "XF",
                  "title": "X-Force Vulnerability Report",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/212620"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2021-38971",
        "datePublished": "2022-03-14T17:00:21.310Z",
        "dateReserved": "2021-08-16T00:00:00.000Z",
        "dateUpdated": "2024-09-17T01:06:09.137Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-38971 (GCVE-0-2021-38971)

    Vulnerability from cvelistv5 – Published: 2022-03-14 17:00 – Updated: 2024-09-17 01:06
    VLAI
    Summary
    IBM Data Virtualization on Cloud Pak for Data 1.3.0, 1.4.1, 1.5.0, 1.7.1 and 1.7.3 could allow an authorized user to bypass data masking rules and obtain sensitve information. IBM X-Force ID: 212620.
    CWE
    • Obtain Information
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Data Virtualization on Cloud Pak for Data Affected: 1.3.0
    Affected: 1.5.0
    Affected: 1.7.1
    Affected: 1.7.3
    Affected: 1.4.1
    Create a notification for this product.
    Date Public
    2022-03-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T01:51:20.825Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.ibm.com/support/pages/node/6551076"
              },
              {
                "name": "ibm-cp-cve202138971-info-disc (212620)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/212620"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Data Virtualization on Cloud Pak for Data",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.3.0"
                },
                {
                  "status": "affected",
                  "version": "1.5.0"
                },
                {
                  "status": "affected",
                  "version": "1.7.1"
                },
                {
                  "status": "affected",
                  "version": "1.7.3"
                },
                {
                  "status": "affected",
                  "version": "1.4.1"
                }
              ]
            }
          ],
          "datePublic": "2022-03-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM Data Virtualization on Cloud Pak for Data 1.3.0, 1.4.1, 1.5.0, 1.7.1 and 1.7.3 could allow an authorized user to bypass data masking rules and obtain sensitve information. IBM X-Force ID: 212620."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitCodeMaturity": "UNPROVEN",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "remediationLevel": "OFFICIAL_FIX",
                "reportConfidence": "CONFIRMED",
                "scope": "UNCHANGED",
                "temporalScore": 4.3,
                "temporalSeverity": "MEDIUM",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/S:U/I:N/UI:N/AC:L/PR:H/C:H/AV:N/A:N/RC:C/RL:O/E:U",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Obtain Information",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-03-14T17:00:21.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.ibm.com/support/pages/node/6551076"
            },
            {
              "name": "ibm-cp-cve202138971-info-disc (212620)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/212620"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "DATE_PUBLIC": "2022-03-11T00:00:00",
              "ID": "CVE-2021-38971",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Data Virtualization on Cloud Pak for Data",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "1.3.0"
                              },
                              {
                                "version_value": "1.5.0"
                              },
                              {
                                "version_value": "1.7.1"
                              },
                              {
                                "version_value": "1.7.3"
                              },
                              {
                                "version_value": "1.4.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM Data Virtualization on Cloud Pak for Data 1.3.0, 1.4.1, 1.5.0, 1.7.1 and 1.7.3 could allow an authorized user to bypass data masking rules and obtain sensitve information. IBM X-Force ID: 212620."
                }
              ]
            },
            "impact": {
              "cvssv3": {
                "BM": {
                  "A": "N",
                  "AC": "L",
                  "AV": "N",
                  "C": "H",
                  "I": "N",
                  "PR": "H",
                  "S": "U",
                  "UI": "N"
                },
                "TM": {
                  "E": "U",
                  "RC": "C",
                  "RL": "O"
                }
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Obtain Information"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.ibm.com/support/pages/node/6551076",
                  "refsource": "CONFIRM",
                  "title": "IBM Security Bulletin 6551076 (Data Virtualization on Cloud Pak for Data)",
                  "url": "https://www.ibm.com/support/pages/node/6551076"
                },
                {
                  "name": "ibm-cp-cve202138971-info-disc (212620)",
                  "refsource": "XF",
                  "title": "X-Force Vulnerability Report",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/212620"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2021-38971",
        "datePublished": "2022-03-14T17:00:21.310Z",
        "dateReserved": "2021-08-16T00:00:00.000Z",
        "dateUpdated": "2024-09-17T01:06:09.137Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }