7.4 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:N/A:P
0.005 Low
EPSS
Percentile
75.6%
IBM Safer Payments versions uses OpenSSL. This vulnerability is addressed.
CVEID:CVE-2021-3712
**DESCRIPTION:**OpenSSL could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read when processing ASN.1 strings. By sending specially crafted data, an attacker could exploit this vulnerability to read contents of memory on the system or perform a denial of service attack.
CVSS Base score: 6.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/208073 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L)
Affected Product(s): IBM Safer Payments
Version(s): 5.7.0.00 - 5.7.0.14, 6.0.0.00 - 6.0.0.11, 6.1.0.00 - 6.1.0.09, 6.2.0.00 - 6.2.1.04, and 6.3.0.00 - 6.3.0.01
Update IBM Safer Payments to version 5.7.0.15, 6.0.0.12, 6.1.0.10, 6.2.1.05, 6.3.0.02 or higher.
Refer to the IBM Safer Payments documentation to download the updates.
None
CPE | Name | Operator | Version |
---|---|---|---|
ibm safer payments | eq | 5.7 | |
ibm safer payments | eq | 6.0 | |
ibm safer payments | eq | 6.1 | |
ibm safer payments | eq | 6.2 | |
ibm safer payments | eq | 6.3 |
7.4 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:N/A:P
0.005 Low
EPSS
Percentile
75.6%