What is the severity of CVE-2021-38971?

CVE-2021-38971 is classified as a medium severity vulnerability.

How do I fix CVE-2021-38971?

To remediate CVE-2021-38971, update IBM Data Virtualization on Cloud Pak for Data to a version that is not affected by this vulnerability.

Who is affected by CVE-2021-38971?

Users of IBM Data Virtualization on Cloud Pak for Data versions 1.3.0, 1.4.1, 1.5.0, 1.7.1, and 1.7.3 are at risk of CVE-2021-38971.

What type of vulnerability is CVE-2021-38971?

CVE-2021-38971 is a data exposure vulnerability that allows for unauthorized bypassing of data masking rules.

Can CVE-2021-38971 affect authorized users?

Yes, CVE-2021-38971 can allow authorized users to bypass data masking and access sensitive information.

Vulnerability/
CVE-2021-38971

medium

4.9

25/1/2022

11/3/2022

4/8/2024

CVE-2021-38971

First published: Tue Jan 25 2022(Updated: )

IBM Data Virtualization on Cloud Pak for Data 1.3.0, 1.4.1, 1.5.0, 1.7.1 and 1.7.3 could allow an authorized user to bypass data masking rules and obtain sensitve information. IBM X-Force ID: 212620.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM Data Virtualization on Cloud Pak for Data	>=1.7.1<=1.7.3
IBM Data Virtualization on Cloud Pak for Data	=1.3.0
IBM Data Virtualization on Cloud Pak for Data	=1.4.1
IBM Data Virtualization on Cloud Pak for Data	=1.5.0
IBM Data Virtualization(DV) on Cloud Pak for Data(CPD)	<=1.3.0
IBM Data Virtualization(DV) on Cloud Pak for Data(CPD)	<=1.4.1
IBM Data Virtualization(DV) on Cloud Pak for Data(CPD)	<=1.5.0
IBM Data Virtualization(DV) on Cloud Pak for Data(CPD)	<=1.7.1 - 1.7.3
IBM Data Virtualization(DV) on Cloud Pak for Data(CPD)	<=1.7.3

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

IBM-6551076

Frequently Asked Questions

What is the severity of CVE-2021-38971?
CVE-2021-38971 is classified as a medium severity vulnerability.
How do I fix CVE-2021-38971?
To remediate CVE-2021-38971, update IBM Data Virtualization on Cloud Pak for Data to a version that is not affected by this vulnerability.
Who is affected by CVE-2021-38971?
Users of IBM Data Virtualization on Cloud Pak for Data versions 1.3.0, 1.4.1, 1.5.0, 1.7.1, and 1.7.3 are at risk of CVE-2021-38971.
What type of vulnerability is CVE-2021-38971?
CVE-2021-38971 is a data exposure vulnerability that allows for unauthorized bypassing of data masking rules.
Can CVE-2021-38971 affect authorized users?
Yes, CVE-2021-38971 can allow authorized users to bypass data masking and access sensitive information.

collector/nvd-index
agent/references
agent/type
agent/softwarecombine
agent/first-publish-date
collector/mitre-cve
source/MITRE
collector/ibm-support
source/IBM
agent/software-canonical-lookup
agent/last-modified-date
agent/author
agent/severity
agent/description
agent/event
agent/trending
agent/tags
agent/source
vendor/ibm
canonical/ibm data virtualization on cloud pak for data
version/ibm data virtualization on cloud pak for data/1.7.1
version/ibm data virtualization on cloud pak for data/1.7.3
version/ibm data virtualization on cloud pak for data/1.3.0
version/ibm data virtualization on cloud pak for data/1.4.1
version/ibm data virtualization on cloud pak for data/1.5.0
canonical/ibm data virtualization(dv) on cloud pak for data(cpd)
version/ibm data virtualization(dv) on cloud pak for data(cpd)/1.3.0
version/ibm data virtualization(dv) on cloud pak for data(cpd)/1.4.1
version/ibm data virtualization(dv) on cloud pak for data(cpd)/1.5.0
version/ibm data virtualization(dv) on cloud pak for data(cpd)/1.7.1 - 1.7.3
version/ibm data virtualization(dv) on cloud pak for data(cpd)/1.7.3

Frequently Asked Questions

What is the severity of CVE-2021-38971?
CVE-2021-38971 is classified as a medium severity vulnerability.
How do I fix CVE-2021-38971?
To remediate CVE-2021-38971, update IBM Data Virtualization on Cloud Pak for Data to a version that is not affected by this vulnerability.
Who is affected by CVE-2021-38971?
Users of IBM Data Virtualization on Cloud Pak for Data versions 1.3.0, 1.4.1, 1.5.0, 1.7.1, and 1.7.3 are at risk of CVE-2021-38971.
What type of vulnerability is CVE-2021-38971?
CVE-2021-38971 is a data exposure vulnerability that allows for unauthorized bypassing of data masking rules.
Can CVE-2021-38971 affect authorized users?
Yes, CVE-2021-38971 can allow authorized users to bypass data masking and access sensitive information.

CVE-2021-38971

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

Frequently Asked Questions

What is the severity of CVE-2021-38971?

How do I fix CVE-2021-38971?

Who is affected by CVE-2021-38971?

What type of vulnerability is CVE-2021-38971?

Can CVE-2021-38971 affect authorized users?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2021-38971?

How do I fix CVE-2021-38971?

Who is affected by CVE-2021-38971?

What type of vulnerability is CVE-2021-38971?

Can CVE-2021-38971 affect authorized users?