CVE-2021-3723

Severity CVSS v4.0:
Pending analysis
Type:
CWE-78 OS Command Injections
Publication date:
12/11/2021
Last modified:
17/11/2021

Description

A command injection vulnerability was reported in the Integrated Management Module (IMM) of legacy IBM System x 3550 M3 and IBM System x 3650 M3 servers that could allow the execution of operating system commands over an authenticated SSH or Telnet session.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:ibm:system_x3550_m3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:ibm:system_x3550_m3:-:*:*:*:*:*:*:*
cpe:2.3:o:ibm:system_x3650_m3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:ibm:system_x3650_m3:-:*:*:*:*:*:*:*


References to Advisories, Solutions, and Tools