CVE-2021-29665: 
IBM Security Verify Access (formerly ISAM) vulnerability analysis and mitigation

IBM Security Verify Access 20.07 is vulnerable to a stack-based buffer overflow vulnerability (CVE-2021-29665). The vulnerability is caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with elevated privileges. The vulnerability was disclosed and patched in May 2021 (IBM Support).

The vulnerability has a CVSS base score of 9.0 with the vector string CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H. The flaw exists in the bounds checking mechanism of IBM Security Verify Access, which can lead to a stack-based buffer overflow condition. This type of vulnerability typically occurs when data is written to a buffer without proper validation of the buffer's size (IBM Support).

The vulnerability can allow an attacker to execute arbitrary code on the affected system with elevated privileges. This means an attacker could potentially gain complete control over the system, compromising the confidentiality, integrity, and availability of the affected system (IBM Support).

IBM has released a patch for this vulnerability in version 21.04 of IBM Application Gateway. Users are advised to update their systems by pulling the latest docker image using the command: docker pull ibmcom/ibm-application-gateway:21.04. No workarounds are available for this vulnerability (IBM Support).