Lucene search
IBM6FE3699111355E48CFB34470138E975BEC3E1FA76DC0A1B1DA7497AFF57DFF4AHistoryFeb 09, 2021 - 10:00 a.m.
Security Bulletin: Denial of Service vulnerability in IBM Spectrum Protect Plus (CVE-2020-5023)
2021-02-0910:00:05
www.ibm.com
13
ibm spectrum protect plus
denial of service
cve-2020-5023
arbitrary data injection
resource consumption
EPSS
0.001
Percentile
47.8%
Summary
IBM Spectrum Protect Plus may be vulnerable to a denial of service attack when arbitrary data injection/parameter fuzzing is performed.
Vulnerability Details
CVEID:CVE-2020-5023
**DESCRIPTION:**IBM Spectrum Protect Plus could allow a remote user to inject arbitrary data iwhich could cause the serivce to crash due to excess resource consumption.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/193659 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM Spectrum Protect Plus | 10.1.0-10.1.7 |
Remediation/Fixes
| IBM Spectrum Protect Plus Release | First Fixing VRM Level | Platform | Link to Fix |
|---|---|---|---|
| 10.1 | 10.1.7 ifix2 | ||
| (10.1.7.2) | |||
| Linux | https://www.ibm.com/support/pages/node/6330495 |
Workarounds and Mitigations
None
Related
prion
prion
Code injection
2021-02-10 17:15:00
cvelist
cvelist
CVE-2020-5023
2021-02-10 17:00:18
cve
cve
CVE-2020-5023
2021-02-10 17:15:16
nvd
nvd
CVE-2020-5023
2021-02-10 17:15:16
EPSS
0.001
Percentile
47.8%
Related for 6FE3699111355E48CFB34470138E975BEC3E1FA76DC0A1B1DA7497AFF57DFF4A