CVE-2020-4240 — Path Traversal in IBM Spectrum Protect Plus

CWE-22 — Path Traversal CWE-358 — Improperly Implemented Security Check for Standard CWE-416 — Use After Free CWE-787 — Out-of-bounds Write37 documents7 sources

Severity

6.5MEDIUMNVD

EPSS

0.4%

top 37.99%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Spectrum Protect Plus

Timeline

PublishedMar 31

Latest updateMay 24

Description

IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request to overwrite or create arbitrary files on the system. IBM X-Force ID: 175417.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

▶NVDibm/spectrum_protect_plus10.1.0 — 10.1.5

▶CVEListV5ibm/spectrum_protect_plus10.1.0, 10.1.5+1

Patches

Patch: www.ibm.com ↗Patch: www.ibm.com ↗

🔴Vulnerability Details

GHSA

GHSA-mh42-q5qx-q9r6: IBM Spectrum Protect Plus 10↗2022-05-24

▶

CVEList

CVE-2020-4240: IBM Spectrum Protect Plus 10↗2020-03-31

▶

Project0

Project Zero RCA: CVE-2020-15999: FreeType Heap Buffer Overflow in Load_SBit_Png↗

▶

💥Exploits & PoCs

Exploit-DB

Google Chrome 86.0.4240 V8 - Remote Code Execution↗2021-04-06

▶

📋Vendor Advisories

Microsoft

Microsoft SharePoint Remote Code Execution Vulnerability↗2020-12-08

▶

Red Hat

chromium-browser: Inappropriate implementation in V8↗2020-11-11

▶

Red Hat

chromium-browser: Use after free in site isolation↗2020-11-11

▶

Microsoft

Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.↗2020-11-10

▶

Red Hat

chromium-browser: Inappropriate implementation in base↗2020-11-09

▶