IBM Spectrum Protect Plus uploadHttpsCertificate Command Injection (CVE-2020-4241)
A command injection vulnerability exists in IBM Spectrum Protect Plus. The vulnerability is due to a lack of input validation in the Administrative Console service when parsing the filename parameter in the uploadHttpsCertificate method. A remote authenticated attacker could exploit this...