Arbitrary Code Execution in IBM Spectrum Protect Operations Center
CVE-2020-4693

9.1CRITICAL

Key Information:

Vendor
IBM
Status
Spectrum Protect Operations Center
Vendor
CVE Published:
2 September 2020

Summary

IBM Spectrum Protect Operations Center versions ranging from 7.1.0.000 to 7.1.10 and from 8.1.0.000 to 8.1.9 are susceptible to arbitrary code execution due to a flaw in data validation prior to export. This issue could allow an attacker to manipulate the system to execute malicious code, resulting in potential unauthorized actions or system compromise. For further details, please refer to the official IBM support page and the IBM X-Force vulnerability database.

Affected Version(s)

Spectrum Protect Operations Center 7.1.0.000

Spectrum Protect Operations Center 8.1.0.000

Spectrum Protect Operations Center 7.1.10

References

https://www.ibm.com/support/pages/node/6325341
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/186782
vdb-entryx_refsource_XF

CVSS V3.1

Score:
9.1
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.