Local User Denial of Service in IBM Spectrum Protect Plus
CVE-2021-20490

4MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
29 June 2021

Summary

The vulnerability allows a local user to exploit insecure file permission settings in IBM Spectrum Protect Plus versions 10.1.0 to 10.1.8, potentially leading to a denial of service condition. This can result in service interruption and affect the overall functionality of the product. Ensuring proper file permissions is crucial to mitigate this security risk.

Affected Version(s)

Spectrum Protect Plus 10.1.0

Spectrum Protect Plus 10.1.8

References

CVSS V3.1

Score:
4
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.