← back
CVE-2020-4686

CVE-2020-4686

CVSS 6.8 MEDIUMEPSS 1.6%
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.8EPSS 1.6%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
17 Aug 2020Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
IBM Spectrum Virtualize 8.3.1 could allow a remote user authenticated via LDAP to escalate their privileges and perform actions they should not have access to. IBM X-Force ID: 186678.
CVSS:3.0/C:H/AV:N/PR:L/UI:N/I:H/S:U/AC:H/A:N/RL:O/E:U/RC:C
Affected products
IBM · SAN Volume Controller and Storwize Family

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/186678https://www.ibm.com/support/pages/node/6260199