What is CVE-2021-29794?

CVE-2021-29794 is a vulnerability in IBM Tivoli Netcool/Impact 7.1.0.20 and 7.1.0.21 that allows an attacker to decrypt highly sensitive information due to insecure SSH server configuration.

What is the severity of CVE-2021-29794?

The severity of CVE-2021-29794 is high, with a severity value of 7.5.

How does CVE-2021-29794 affect IBM Tivoli Netcool/Impact?

CVE-2021-29794 affects IBM Tivoli Netcool/Impact versions 7.1.0.20 and 7.1.0.21.

How can an attacker exploit CVE-2021-29794?

An attacker can exploit CVE-2021-29794 by leveraging the insecure SSH server configuration to decrypt highly sensitive information.

Is there a fix or patch available for CVE-2021-29794?

Yes, IBM has provided a fix for CVE-2021-29794. Please refer to the IBM support page for more information.

Vulnerability/
CVE-2021-29794

high

7.5

CWE

327

15/6/2021

12/7/2021

17/9/2024

CVE-2021-29794

First published: Tue Jun 15 2021(Updated: )

IBM Tivoli Netcool/Impact 7.1.0.20 and 7.1.0.21 uses an insecure SSH server configuration which enables weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
Ibm Tivoli Netcool\/impact	=7.1.0.20
Ibm Tivoli Netcool\/impact	=7.1.0.21
	<=7.1.0.20 ~ 7.1.0.21

Remedy

https://www.ibm.com/support/pages/node/6469953

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

IBM-6469953

Frequently Asked Questions

What is CVE-2021-29794?
CVE-2021-29794 is a vulnerability in IBM Tivoli Netcool/Impact 7.1.0.20 and 7.1.0.21 that allows an attacker to decrypt highly sensitive information due to insecure SSH server configuration.
What is the severity of CVE-2021-29794?
The severity of CVE-2021-29794 is high, with a severity value of 7.5.
How does CVE-2021-29794 affect IBM Tivoli Netcool/Impact?
CVE-2021-29794 affects IBM Tivoli Netcool/Impact versions 7.1.0.20 and 7.1.0.21.
How can an attacker exploit CVE-2021-29794?
An attacker can exploit CVE-2021-29794 by leveraging the insecure SSH server configuration to decrypt highly sensitive information.
Is there a fix or patch available for CVE-2021-29794?
Yes, IBM has provided a fix for CVE-2021-29794. Please refer to the IBM support page for more information.

collector/nvd-index
agent/references
agent/first-publish-date
agent/type
agent/weakness
agent/author
agent/remedy
agent/severity
agent/description
agent/softwarecombine
collector/ibm-support
source/IBM
agent/software-canonical-lookup
agent/tags
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/event
agent/trending
vendor/ibm
canonical/ibm tivoli netcool\/impact
version/ibm tivoli netcool\/impact/7.1.0.20
version/ibm tivoli netcool\/impact/7.1.0.21
canonical/ibm tivoli netcool impact
version/ibm tivoli netcool impact/7.1.0.20 ~ 7.1.0.21

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.