PT-2021-22370 · Ibm · Ibm Spectrum Copy Data Management
Published
2021-12-13
·
Updated
2023-08-08
·
CVE-2021-39064
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Spectrum Copy Data Management versions 2.2.13 and earlier
Description
The issue is related to weak authentication and password rules, and incorrect handling of default credentials for the Spectrum Copy Data Management Admin console.
Recommendations
For IBM Spectrum Copy Data Management versions 2.2.13 and earlier, update to a version that addresses the weak authentication and password rules, and correctly handles default credentials for the Admin console.
As a temporary workaround, consider restricting access to the Spectrum Copy Data Management Admin console until a patch is available.
Fix
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Spectrum Copy Data Management