CVE-2021-38959
First published: Tue Nov 16 2021(Updated: )
IBM SPSS Statistics could allow a local user to cause a denial of service by writing arbitrary files to admin protected directories on the system.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM SPSS Statistics | <=28.0 | |
| IBM SPSS Statistics | <=27.0.1 | |
| IBM SPSS Statistics | <=27.0 | |
| IBM SPSS Statistics | <=26.0 | |
| IBM SPSS Statistics | <=25.0 | |
| IBM SPSS Statistics | <=24.0 | |
| IBM SPSS Statistics for Windows | =24.0.0.0 | |
| IBM SPSS Statistics for Windows | =25.0.0.0 | |
| IBM SPSS Statistics for Windows | =26.0.0.0 | |
| IBM SPSS Statistics for Windows | =27.0.0.0 | |
| IBM SPSS Statistics for Windows | =27.0.1.0 | |
| IBM SPSS Statistics for Windows | =28.0.0.0 | |
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2021-38959?
CVE-2021-38959 has a medium severity rating as it allows a local user to cause a denial of service.
How do I fix CVE-2021-38959?
To fix CVE-2021-38959, you should update IBM SPSS Statistics to the latest version available that addresses this vulnerability.
Which versions of IBM SPSS Statistics are affected by CVE-2021-38959?
CVE-2021-38959 affects IBM SPSS Statistics versions 24.0, 25.0, 26.0, 27.0, 27.0.1, and 28.0.
What type of vulnerability is CVE-2021-38959?
CVE-2021-38959 is classified as a denial of service vulnerability.
Who is at risk from CVE-2021-38959?
Local users of IBM SPSS Statistics for Windows are at risk from CVE-2021-38959.
- agent/references
- agent/softwarecombine
- agent/first-publish-date
- agent/type
- agent/author
- agent/weakness
- agent/severity
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/trending
- agent/source
- agent/tags
- collector/ibm-support
- source/IBM
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/ibm
- canonical/ibm spss statistics
- version/ibm spss statistics/28.0
- version/ibm spss statistics/27.0.1
- version/ibm spss statistics/27.0
- version/ibm spss statistics/26.0
- version/ibm spss statistics/25.0
- version/ibm spss statistics/24.0
- canonical/ibm spss statistics for windows
- version/ibm spss statistics for windows/24.0.0.0
- version/ibm spss statistics for windows/25.0.0.0
- version/ibm spss statistics for windows/26.0.0.0
- version/ibm spss statistics for windows/27.0.0.0
- version/ibm spss statistics for windows/27.0.1.0
- version/ibm spss statistics for windows/28.0.0.0
- vendor/microsoft
- canonical/microsoft windows