Lucene search
IBME83BDD9465D5FB0D5B6AC8B665801AE101A551C844773947A749811D90751856HistoryJun 12, 2020 - 8:50 p.m.
Security Bulletin: Information Disclosure via IBM Spectrum Protect Plus virgo log file (CVE-2020-4477)
2020-06-1220:50:08
www.ibm.com
7
EPSS
0.001
Percentile
23.7%
Summary
IBM Spectrum Protect Plus virgo log file may disclose sensitive information in plain text.
Vulnerability Details
CVEID:CVE-2020-4477
**DESCRIPTION:**IBM Spectrum Protect Plus discloses highly sensitive information in plain text in the virgo log file which could be used in further attacks against the system.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/181779 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM Spectrum Protect Plus | 10.1.0-10.1.5 |
Remediation/Fixes
| Spectrum Protect Plus Release | First Fixing VRM Level | Platform | Link to Fix |
|---|---|---|---|
| 10.1 | 10.1.6 | Linux | <https://www.ibm.com/support/pages/node/5693313> |
Workarounds and Mitigations
None
Related
nvd
nvd
CVE-2020-4477
2020-06-15 14:15:12
prion
prion
Code injection
2020-06-15 14:15:00
cvelist
cvelist
CVE-2020-4477
2020-06-15 13:25:27
cve
cve
CVE-2020-4477
2020-06-15 14:15:12
EPSS
0.001
Percentile
23.7%
Related for E83BDD9465D5FB0D5B6AC8B665801AE101A551C844773947A749811D90751856