2 matches found
Security Bulletin: Authentication Bypass, Arbitrary Directory Deletion, and Command Injection vulnerabilities in IBM Spectrum Protect Plus (CVE-2020-4208, CVE-2020-4214, CVE-2020-4206, CVE-2020-4241, CVE-2020-4242)
Summary IBM Spectrum Protect Plus is vulnerable to authentication bypass, arbitrary directory deletion, and command injection which allows a remote attacker to execute arbitrary code on the system. Vulnerability Details CVEID: CVE-2020-4208 DESCRIPTION: IBM Spectrum Protect Plus contains hard-cod...
CVE-2020-4242
CVE-2020-4242 affects IBM Spectrum Scale and IBM Spectrum Protect Plus 10.1.0–10.1.5. The issue allows a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM’s Security Bulletin (and related IBM X-Force data) confirms a command-inje...