CVE-2021-29667
First published: Tue Apr 20 2021(Updated: )
IBM Spectrum Scale is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Spectrum Scale | <=5.0.0 - 5.0.5.6 | |
| IBM Spectrum Scale | <=5.1.0 - 5.1.0.2 | |
| IBM Spectrum Scale | >=5.0.0<=5.0.5.6 | |
| IBM Spectrum Scale | >=5.1.0<=5.1.0.2 | |
| Linux Linux kernel |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2021-29667?
CVE-2021-29667 is a vulnerability in IBM Spectrum Scale which allows a remote attacker to execute arbitrary commands on the system.
How severe is CVE-2021-29667?
CVE-2021-29667 has a severity score of 7.8 out of 10.
How does CVE-2021-29667 affect IBM Spectrum Scale?
CVE-2021-29667 affects IBM Spectrum Scale versions 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.2.
How can a remote attacker exploit CVE-2021-29667?
A remote attacker can exploit CVE-2021-29667 by manipulating CSV files to execute arbitrary commands on the system.
Is Linux Linux kernel affected by CVE-2021-29667?
No, Linux Linux kernel is not affected by CVE-2021-29667.
- collector/ibm-support
- collector/nvd-index
- vendor/ibm
- canonical/ibm spectrum scale
- version/ibm spectrum scale/5.0.0 - 5.0.5.6
- version/ibm spectrum scale/5.1.0 - 5.1.0.2
- version/ibm spectrum scale/5.0.0
- version/ibm spectrum scale/5.0.5.6
- version/ibm spectrum scale/5.1.0
- version/ibm spectrum scale/5.1.0.2
- vendor/linux
- canonical/linux linux kernel