CVE-2020-4241
CVE-2020-4241
In short
IBM Spectrum Scale and Spectrum Protect Plus versions 10.1.0 through 10.1.5 have a flaw that lets authenticated attackers run arbitrary commands on the system by sending a specially crafted request. This is dangerous because it gives attackers full control over the affected system.
Technical detail
Remote authenticated attacker can execute arbitrary commands via specially crafted request to vulnerable versions of IBM Spectrum Scale and Spectrum Protect Plus (10.1.0–10.1.5). Requires valid credentials but does not require elevated privileges. Impact is code execution with system-level access.
Summary generated and translated by AI from the official description.
IBM Spectrum Scale and IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 175418.
CVSS:3.0/UI:N/I:H/S:U/A:H/AV:N/PR:L/AC:H/C:H/RL:O/RC:C/E:U
Affected products
IBM · Spectrum Protect PlusWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →