CVE-2020-5018
CVE-2020-5018
Vexday Risk Score
8Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 3.7EPSS 0.7%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
08 Jan 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
IBM Spectrum Protect Plus 10.1.0 through 10.1.6 may include sensitive information in its URLs increasing the risk of such information being caputured by an attacker. IBM X-Force ID: 193654.
CVSS:3.0/A:N/S:U/AV:N/I:N/C:L/AC:H/PR:N/UI:N/E:U/RC:C/RL:O
Affected products
IBM · Spectrum Protect Plus