Local User Denial of Service in IBM Spectrum Protect Plus
CVE-2021-20490
4MEDIUM
Summary
The vulnerability allows a local user to exploit insecure file permission settings in IBM Spectrum Protect Plus versions 10.1.0 to 10.1.8, potentially leading to a denial of service condition. This can result in service interruption and affect the overall functionality of the product. Ensuring proper file permissions is crucial to mitigate this security risk.
Affected Version(s)
Spectrum Protect Plus 10.1.0
Spectrum Protect Plus 10.1.8
References
CVSS V3.1
Score:
4
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved