IBM Business Automation Workflow versions 19.0.03, 20.0, and Cloud Pak for Automation versions 20.0.3-IF002, 21.0.1 are vulnerable to cross-site scripting. Learn about the impact, technical details, and mitigation steps for CVE-2021-29775.
IBM Business Automation Workflow and Cloud Pak for Automation are affected by a cross-site scripting vulnerability that allows attackers to inject arbitrary JavaScript into the Web UI.
Understanding CVE-2021-29775
This cross-site scripting vulnerability affects the listed IBM products and can lead to credential disclosure within a trusted session.
What is CVE-2021-29775?
IBM Business Automation Workflow versions 19.0.03 and 20.0, along with IBM Cloud Pak for Automation versions 20.0.3-IF002 and 21.0.1, suffer from a cross-site scripting flaw.
The Impact of CVE-2021-29775
The vulnerability enables threat actors to alter the intended functionality of the Web UI, putting user credentials and data at risk.
Technical Details of CVE-2021-29775
The CVSS score for this vulnerability is 6.4, with a medium severity rating due to low confidentiality and integrity impact, but a high exploit code maturity.
Vulnerability Description
Attackers can execute arbitrary JavaScript code, compromising the intended functionality of the affected IBM products.
Affected Systems and Versions
IBM Business Automation Workflow versions 19.0.03, 20.0, and Cloud Pak for Automation versions 20.0.3-IF002, 21.0.1 are affected.
Exploitation Mechanism
Threat actors can inject malicious JavaScript code into the Web UI, potentially leading to credential disclosure within a trusted session.
Mitigation and Prevention
To address CVE-2021-29775, organizations should apply the official fixes immediately, then implement long-term security practices and stay current with patch releases.
Immediate Steps to Take
Apply official fixes provided by IBM and closely monitor systems for any signs of compromise.
Long-Term Security Practices
Ensure ongoing monitoring, conduct regular security assessments, and educate users about safe browsing practices.
Patching and Updates
Regularly update IBM Business Automation Workflow and Cloud Pak for Automation to the latest secure versions.