Lucene search

IbmCVELIST:CVE-2020-4415

HistoryApr 23, 2020 - 1:10 p.m.

CVE-2020-4415

2020-04-2313:10:24

ibm

www.cve.org

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

AI Score

9.6

Confidence

High

EPSS

0.018

Percentile

88.0%

JSON

IBM Spectrum Protect 7.1 and 8.1 server is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. This could allow a remote attacker to execute arbitrary code on the system with the privileges of an administrator or user associated with the Spectrum Protect server or cause the Spectrum Protect server to crash. IBM X-Force ID: 179990.

CNA Affected

[
  {
    "product": "Spectrum Protect",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "7.1.0.0"
      },
      {
        "status": "affected",
        "version": "7.1.10.0"
      },
      {
        "status": "affected",
        "version": "8.1.0.0"
      },
      {
        "status": "affected",
        "version": "8.1.9.200"
      }
    ]
  }
]

References

exchange.xforce.ibmcloud.com/vulnerabilities/179990

www.ibm.com/support/pages/node/6195706

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

AI Score

9.6

Confidence

High

EPSS

0.018

Percentile

88.0%

JSON

Related for CVELIST:CVE-2020-4415