IBM Spectrum Protect Plus up to 10.1.5 Incomplete Fix CVE-2020-4211 command injection

entryeditHistoryDiffjsonxmlCTI

A vulnerability classified as critical has been found in IBM Spectrum Protect Plus up to 10.1.5 (Backup Software). Affected is an unknown code of the component Incomplete Fix CVE-2020-4211. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
1055382610/24/2020VulD...cve_cnaIBM Corporationnvd.nist.gov10/24/2020accepted70
1055382510/24/2020VulD...xforce181724cve.mitre.org10/24/2020accepted70
1055382410/24/2020VulD...confirm_urlhttps://www.ibm.com/support/pages/node/6221358cve.mitre.org10/24/2020accepted70
1017374106/16/2020VulD...cwe77 (privilege escalation)06/16/2020accepted90
1017373906/16/2020VulD...cve_nvd_summaryIBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary command on the system. This vulnerability is due to an incomplete fix for CVE-2020-4211. IBM X-Force ID: 181724.mitre.org06/16/2020accepted100
1017373806/16/2020VulD...cve_assigned1577664000mitre.org06/16/2020accepted100
1017373206/16/2020VulD...cvss3_nvd_aHnist.gov06/16/2020accepted100
1017373106/16/2020VulD...cvss3_nvd_iHnist.gov06/16/2020accepted100
1017373006/16/2020VulD...cvss3_nvd_cHnist.gov06/16/2020accepted100
1017372906/16/2020VulD...cvss3_nvd_sUnist.gov06/16/2020accepted100
1017372806/16/2020VulD...cvss3_nvd_uiNnist.gov06/16/2020accepted100
1017372706/16/2020VulD...cvss3_nvd_prNnist.gov06/16/2020accepted100
1017372606/16/2020VulD...cvss3_nvd_acHnist.gov06/16/2020accepted100
1017372506/16/2020VulD...cvss3_nvd_avNnist.gov06/16/2020accepted100
1017369906/16/2020VulD...typeBackup Software06/16/2020accepted100
1017374906/16/2020VulD...cvss3_nvd_basescore8.1nist.gov06/16/2020accepted90
1017374806/16/2020VulD...cvss3_vuldb_rcX06/16/2020accepted90
1017374706/16/2020VulD...cvss3_vuldb_rlX06/16/2020accepted90
1017374606/16/2020VulD...cvss3_vuldb_eX06/16/2020accepted90
1017374506/16/2020VulD...cvss2_vuldb_rcND06/16/2020accepted90

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!