Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBMD3A3254E9568715E37ACE7BEE2C7670542459638F28A449290812DB3D2302384
HistoryAug 17, 2020 - 6:56 p.m.

Security Bulletin: Incorrect permissions on IBM Spectrum Protect Plus agent files (CVE-2020-4631)

2020-08-1718:56:27
www.ibm.com
4

0.0004 Low

EPSS

Percentile

5.1%

JSON

Summary

IBM Spectrum Protect Plus agent files on Windows have incorrect access permissions.

Vulnerability Details

CVEID:CVE-2020-4631
**DESCRIPTION:**IBM Spectrum Protect Plus agent files, in non-default configurations, on Windows are assigned access to everyone with full control permissions, which could allow a local user to cause interruption of the service operations.
CVSS Base score: 5.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/185372 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)

Affected Products and Versions

Affected Product(s) Version(s)
IBM Spectrum Protect Plus 10.1.0-10.1.6

Remediation/Fixes

Spectrum Protect Plus Release|First Fixing VRM Level|Platform|**APAR
**|Link to Fix
—|—|—|—|—
10.1| 10.1.6 ifix2| Linux| IT33149 | <https://www.ibm.com/support/pages/node/6254732&gt;

Workarounds and Mitigations

None

CPENameOperatorVersion
ibm spectrum protect pluseq10.1

Related

cve 1
cvelist 1
nvd 1
prion 1
cve
cve
CVE-2020-4631
2020-08-04 16:15:12
cvelist
cvelist
CVE-2020-4631
2020-08-03 00:00:00
nvd
nvd
CVE-2020-4631
2020-08-04 16:15:12
prion
prion
Design/Logic Flaw
2020-08-04 16:15:00

0.0004 Low

EPSS

Percentile

5.1%

JSON
Related for D3A3254E9568715E37ACE7BEE2C7670542459638F28A449290812DB3D2302384
cve1cvelist1nvd1prion1