CVE-2020-4494

CVSS 7.5 HIGHEPSS 2.2%

Vexday Risk Score

21Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS 7.5EPSS 2.2%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

15 jun 2020Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and Windows), 8.1.9.0 trough 8.1.9.1 (AIX) and IBM Spectrum Protect for Space Management 8.1.7.0 through 8.1.9.1 (Linux), 8.1.9.0 through 8.1.9.1 (AIX) web user interfaces could allow an attacker to bypass authentication due to improper session validation which can result in access to unauthorized resources. IBM X-Force ID: 182019.

CVSS:3.0/I:N/A:N/S:U/UI:N/C:H/AC:L/PR:N/AV:N/RL:O/RC:C/E:U

Productos afectados

IBM · Spectrum Protect Client (AIX)IBM · Spectrum Protect Client (Linux and Windows)IBM · Spectrum Protect for Space Management (AIX)IBM · Spectrum Protect for Space Management (Linux)

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://exchange.xforce.ibmcloud.com/vulnerabilities/182019 https://www.ibm.com/support/pages/node/6221448