Improper Handling of Requests in IBM Spectrum Copy Data Management Admin Console Allows for Information Disclosure

Improper Handling of Requests in IBM Spectrum Copy Data Management Admin Console Allows for Information Disclosure

CVE-2021-39053 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to obtain sensitive information, caused by the improper handling of requests for Spectrum Copy Data Management Admin Console. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information. IBM X-Force ID: 214524.

Learn more about our Web Application Penetration Testing UK.