Lucene search
IBME1666522E61C3B2EA70DA9CCDD5B33744432418F72E1287DC40C1A3706A5A3CBHistorySep 01, 2020 - 6:56 p.m.
Security Bulletin: Code injection vulnerability in IBM Spectrum Protect Operations Center (CVE-2020-4693)
2020-09-0118:56:57
www.ibm.com
5
0.003 Low
EPSS
Percentile
70.1%
Summary
Due to improper validation of data prior to export, IBM Spectrum Protect Operations Center may allow an attacker to execute arbitrary code on the system.
Vulnerability Details
CVEID:CVE-2020-4693
**DESCRIPTION:**IBM Spectrum Protect may allow an attacker to execute arbitrary code on the system, caused by improper validation of data prior to export.
CVSS Base score: 9.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/186782 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM Spectrum Protect Operations Center | 8.1.0.000-8.1.9.xxx |
| 7.1.0.000-7.1.10.xxx |
Remediation/Fixes
| Spectrum Protect Operations Center Release | First Fixing VRM Level | Platform | Link to Fix |
|---|---|---|---|
| 8.1 | 8.1.10.000 | AIX | |
| Linux | |||
| Windows | <http://www.ibm.com/support/pages/node/6229104> | ||
| 7.1 | 7.1.11.000 | AIX | |
| Linux | |||
| Windows | <https://www.ibm.com/support/pages/node/6256682> |
Workarounds and Mitigations
None
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm spectrum protect extended edition | eq | 8.1 | |
| ibm spectrum protect extended edition | eq | 7.1 |
Related
prion
prion
Input validation
2020-09-02 19:15:00
nessus
nessus
cve
cve
CVE-2020-4693
2020-09-02 19:15:18
cvelist
cvelist
CVE-2020-4693
2020-09-01 00:00:00
ibm
ibm
nvd
nvd
CVE-2020-4693
2020-09-02 19:15:18
0.003 Low
EPSS
Percentile
70.1%
Related for E1666522E61C3B2EA70DA9CCDD5B33744432418F72E1287DC40C1A3706A5A3CB