The IBM Spectrum Protect Server may disclose sensitive information due to not encrypting the second chunk of an object in an encrypted container pool.
CVEID:CVE-2020-4591
**DESCRIPTION:**The IBM Spectrum Protect Server could disclose sensitive information in nondefault settings due to occasionally not encrypting the second chunk of an object in an encrypted container pool.
CVSS Base score: 2.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/184746 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)
Affected Product(s) | Version(s) |
---|---|
IBM Spectrum Protect Server | 8.1.0.000-8.1.10.000 |
Spectrum Protect Server Release | First Fixing VRM Level | Platform | Link to Fix |
---|---|---|---|
8.1 | 8.1.10.100 | AIX | |
Linux | |||
Windows | <https://www.ibm.com/support/pages/node/6323469> |
None