Privilege Escalation in IBM Spectrum Virtualize Products
CVE-2020-4686

6.8MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
17 August 2020

Summary

IBM Spectrum Virtualize 8.3.1 is susceptible to a security vulnerability that could allow an authenticated remote user to elevate their privileges. This escalation could enable the user to execute actions beyond their intended access rights, posing potential risks to system integrity and data security. The vulnerability arises specifically in systems leveraging LDAP for user authentication, highlighting the importance of robust security measures and ongoing monitoring to mitigate unauthorized access.

Affected Version(s)

SAN Volume Controller and Storwize Family 8.3.1

References

CVSS V3.1

Score:
6.8
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.