IBM4B4A31126CD7F7078706923EC3207053C28FD65CE14B06411384329AFE4C5538Security Bulletin: Vulnerability identified in XCC affects IBM Cloud Pak System (CVE-2021-3473)
0.001 Low
EPSS
Percentile
28.6%
Summary
Vulnerability identified in Lenovo XCC component bundled with IBM Cloud Pak System. Information about vulnerability has been published in a security advisiory.
Vulnerability Details
Refer to the security bulletin(s) listed in the Remediation/Fixes section
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM Cloud Pak System | 2.3 |
Remediation/Fixes
For unsupported versions IBM recommends upgrading to a fixed, supported version of the product.
Review the information below recommendation is to apply fix as soon as practical.
CVE(s)|Main Product/System|Affected Supporting Product|** Remediation / Fix**
—|—|—|—
CVE-2021-3473| Cloud Pak System, Machine Types: S630 7X01,7X02| XCC
|
If you are running backup and restore XLCA for IMM, apply lnvgy_fw_xcc_cdi370q-6.00_anyos_noarch.chg at <https://datacentersupport.lenovo.com/us/en/downloads/ds549001>
or
Upgrade to Cloud Pak System V2.3.3.4 targeted or available on 4Q2021.
Workarounds and Mitigations
None
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm cloud pak system | eq | 2.3 |
Related
0.001 Low
EPSS
Percentile
28.6%