CVE-2021-39056
First published: Wed Jan 12 2022(Updated: )
The IBM i Extended Dynamic Remote SQL server (EDRSQL) could allow a remote authenticated user to send a specially crafted request and cause a denial of service.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM i | =7.1 | |
| IBM i | =7.2 | |
| IBM i | =7.3 | |
| IBM i | =7.4 | |
| IBM i | <=7.4 | |
| IBM i | <=7.3 | |
| IBM i | <=7.2 | |
| IBM i | <=7.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this issue?
The vulnerability ID of this issue is CVE-2021-39056.
What is the severity level of CVE-2021-39056?
The severity level of CVE-2021-39056 is medium with a severity value of 6.5.
Which software versions are affected by CVE-2021-39056?
CVE-2021-39056 affects IBM i versions 7.1, 7.2, 7.3, and 7.4.
How can a remote authenticated user exploit CVE-2021-39056?
A remote authenticated user can exploit CVE-2021-39056 by sending a specially crafted request to the IBM i Extended Dynamic Remote SQL server (EDRSQL).
Is there any additional information available for CVE-2021-39056?
Yes, additional information can be found on the IBM X-Force ID: 214537 and IBM support pages.
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/author
- agent/severity
- agent/last-modified-date
- agent/tags
- agent/description
- agent/event
- collector/ibm-support
- source/IBM
- agent/software-canonical-lookup
- vendor/ibm
- canonical/ibm i
- version/ibm i/7.1
- version/ibm i/7.2
- version/ibm i/7.3
- version/ibm i/7.4