CVE-2021-29847
MEDIUMIBM Power System S821LC Server (8001-12C) OP825.50 - Info Disclosure
Title source: llmDescription
BMC firmware (IBM Power System S821LC Server (8001-12C) OP825.50) configuration changed to allow an authenticated user to open an insecure communication channel which could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 205267.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
https://www.ibm.com/support/pages/node/6520420
VDB Entry, Vendor Advisory vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/205267
Scores
CVSS v3
5.9
EPSS
0.0018
EPSS Percentile
38.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
Status
published
Products (5)
ibm/power_hardware_management_console_\(7063-cr1\)_firmware
< op825.51
ibm/power_system_cs821lc_\(8005-12n\)_firmware
< op825.51
ibm/power_system_cs822lc_\(8005-22n\)_firmware
< op825.51
ibm/power_system_s821lc_\(8001-12c\)_firmware
< op825.51
ibm/power_system_s822lc_\(8001-22c\)_firmware
< op825.51
Published
Dec 15, 2021
Tracked Since
Feb 18, 2026