Vulnerabilities > CVE-2021-20501 - Unspecified vulnerability in IBM I

CVSS 8.2 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

LOW

Availability impact

HIGH

network

low complexity

ibm

NVD

Published: 2021-04-21

Updated: 2022-07-12

Summary

IBM i 7.1, 7.2, 7.3, and 7.4 SMTP allows a network attacker to send emails to non-existent local-domain recipients to the SMTP server, caused by using a non-default configuration. An attacker could exploit this vulnerability to consume unnecessary network bandwidth and disk space, and allow remote attackers to send spam email. IBM X-Force ID: 198056.

Vulnerable Configurations

Part	Description	Count
OS	Ibm IBM I 7.2 IBM I 7.1 IBM I 7.3 IBM I 7.4	4

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/198056
https://www.ibm.com/support/pages/node/6445505