Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2020/10/15 12:0 a.m.87 views

IBM Spectrum Protect Plus File Upload RCE

The IBM Spectrum Protect Plus SPP administrative console running on the remote host is affected by a remote code execution vulnerability due to the fact that it allows remote installation of console plugins. An unauthenticated, remote attacker can exploit this and CVE-2020-4711 together, via...

8CVSS7.8AI score0.02606EPSS
Exploits0References2
Check Point Advisories
Check Point Advisories
added 2020/09/24 12:0 a.m.3 views

IBM Spectrum Protect Plus Directory Traversal (CVE-2020-4711)

A directory traversal vulnerability exists in IBM Spectrum Protect Plus. Successful exploitation of this vulnerability could allow an attacker to obtain sensitive information from the affected server...

4CVSS5.2AI score0.02606EPSS
Exploits0
Circl
Circl
added 2020/09/15 10:9 p.m.7 views

CVE-2020-4711

creationtimestamp| type| source ---|---|--- 2020-09-15 22:09:22+00:00| seen| https://t.me/cibsecurity/14673...

6.5CVSS6.8AI score0.02606EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2020/09/15 7:8 p.m.244 views

IBM Spectrum Protect Plus Security Open to RCE

IBM has issued fixes for vulnerabilities in Spectrum Protect Plus, Big Blue’s security tool found under the umbrella of its Spectrum data storage software branding. The flaws can be exploited by remote attackers to execute code on vulnerable systems. IBM Spectrum Protect Plus is a data-protection...

6CVSS0.2AI score0.26869EPSS
Exploits1References9
CVE
CVE
added 2020/09/15 1:50 p.m.92 views

CVE-2020-4711

CVE-2020-4711 affects IBM Spectrum Protect Plus 10.1.0–10.1.6. The issue is a directory traversal vulnerability in a script (restore_wrapper.sh) accessed via the unauthenticated endpoint /catalogmanager/api/catalog (cmode=restorefromjob). A missing/ bypassable path check allows an unauthenticated...

6.5CVSS6.3AI score0.02606EPSS
Exploits0References2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/09/14 7:37 p.m.30 views

Security Bulletin: Directory Traversal and Execution of Arbitrary Code vulnerabilities in IBM Spectrum Protect Plus (CVE-2020-4711, CVE-2020-4703)

Summary IBM Spectrum Protect Plus is vulnerable to directory traversal and execution of arbitrary code on the system. Vulnerability Details CVEID: CVE-2020-4711 DESCRIPTION: IBM Spectrum Protect Plus could allow a remote attacker to traverse directories on the system. An attacker could send a...

8CVSS2.5AI score0.02606EPSS
Exploits0Affected Software1
Rows per page
Query Builder