CVE-2021-29799: Medium severity ibm engineering requirements quality assistant vulnerability

Q: What is CVE-2021-29799?

CVE-2021-29799 is a vulnerability in IBM Engineering Requirements Quality Assistant On-Premises that allows an authenticated user to obtain sensitive information due to improper client-side validation.

Q: How does CVE-2021-29799 affect IBM Engineering Requirements Quality Assistant On-Premises?

CVE-2021-29799 affects all versions of IBM Engineering Requirements Quality Assistant On-Premises.

Q: What is the severity of CVE-2021-29799?

CVE-2021-29799 has a severity rating of medium (6.5 out of 10).

Q: How can an authenticated user exploit CVE-2021-29799?

An authenticated user can exploit CVE-2021-29799 by bypassing client-side validation to obtain sensitive information.

Q: Is there a fix available for CVE-2021-29799?

Yes, IBM has released a fix for CVE-2021-29799. Please refer to the IBM support page for more information.

Published Jul 7, 2022

Updated

IBM Engineering Requirements Quality Assistant could allow an authenticated user to obtain sensitive information due to improper client side validation.

Other sources

IBM Engineering Requirements Quality Assistant On-Premises (All versions) could allow an authenticated user to obtain sensitive information due to improper client side validation. IBM X-Force ID: 203738.

Affected Software

2 affected components

IBM Engineering Requirements Quality Assistant On-Premises

IBM Engineering Requirements Quality Assistant On-Premises<=All

Event History

Jul 7, 2022

CVE Published

via IBM·12:00 AM

Jul 18, 2022

CVE Published

via MITRE·05:00 PM

Data Sourced

via MITRE·05:00 PM

DescriptionSeverityWeakness

Parent advisories

This vulnerability appears in the following advisories.

IBM-6604005

Frequently Asked Questions

What is CVE-2021-29799?

CVE-2021-29799 is a vulnerability in IBM Engineering Requirements Quality Assistant On-Premises that allows an authenticated user to obtain sensitive information due to improper client-side validation.

How does CVE-2021-29799 affect IBM Engineering Requirements Quality Assistant On-Premises?

CVE-2021-29799 affects all versions of IBM Engineering Requirements Quality Assistant On-Premises.

What is the severity of CVE-2021-29799?