Authentication flaw

2021-02-1515:15:00

PRIOn knowledge base

www.prio-n.com

5.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

36.4%

JSON

IBM Spectrum Protect Operations Center 7.1 and 8.1 could allow a remote attacker to bypass authentication restrictions, caused by improper session validation . By using the configuration panel to obtain a valid session using an attacker controlled IBM Spectrum Protect server, an attacker could exploit this vulnerability to bypass authentication and gain access to a limited number of debug functions, such as logging levels. IBM X-Force ID: 192153.

CPENameOperatorVersion
spectrum_protect_operations_centerge7.1.0.000
spectrum_protect_operations_centerlt7.1.13.000
spectrum_protect_operations_centerge8.1.0.000
spectrum_protect_operations_centerlt8.1.10.200

Name	Operator	Version
spectrum_protect_operations_center	ge	7.1.0.000
spectrum_protect_operations_center	lt	7.1.13.000
spectrum_protect_operations_center	ge	8.1.0.000
spectrum_protect_operations_center	lt	8.1.10.200