Lucene search
IBMEF4056CF55318BA0B8DC9E29AABFB11D80DD0AFE0E0F9889B8D5C2F87B544D78HistorySep 01, 2020 - 7:20 p.m.
Security Bulletin: Information Disclosure vulnerability in IBM Spectrum Protect Server (CVE-2020-4591)
2020-09-0119:20:05
www.ibm.com
5
EPSS
0
Percentile
12.6%
Summary
The IBM Spectrum Protect Server may disclose sensitive information due to not encrypting the second chunk of an object in an encrypted container pool.
Vulnerability Details
CVEID:CVE-2020-4591
**DESCRIPTION:**The IBM Spectrum Protect Server could disclose sensitive information in nondefault settings due to occasionally not encrypting the second chunk of an object in an encrypted container pool.
CVSS Base score: 2.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/184746 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM Spectrum Protect Server | 8.1.0.000-8.1.10.000 |
Remediation/Fixes
| Spectrum Protect Server Release | First Fixing VRM Level | Platform | Link to Fix |
|---|---|---|---|
| 8.1 | 8.1.10.100 | AIX | |
| Linux | |||
| Windows | <https://www.ibm.com/support/pages/node/6323469> |
Workarounds and Mitigations
None
Related
nessus
nessus
IBM Spectrum Protect 8.1.x < 8.1.10.100 Information Disclosure
2020-09-03 00:00:00
prion
prion
Design/Logic Flaw
2020-08-28 15:15:00
cvelist
cvelist
CVE-2020-4591
2020-08-28 14:35:20
nvd
nvd
CVE-2020-4591
2020-08-28 15:15:12
cve
cve
CVE-2020-4591
2020-08-28 15:15:12
EPSS
0
Percentile
12.6%
Related for EF4056CF55318BA0B8DC9E29AABFB11D80DD0AFE0E0F9889B8D5C2F87B544D78