CVE-2020-4565Sensitive Information Exposure in IBM Spectrum Protect Plus

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
5.9MEDIUMNVD
EPSS
0.2%
top 52.90%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Spectrum Protect Plus
Timeline
PublishedJun 26
Latest updateMay 24

Description

IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow an attacker to obtain sensitive information due to insecure communications being used between the application and server. IBM X-Force ID: 183935.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.2 | Impact: 3.6

Affected Packages2 packages

NVDibm/spectrum_protect_plus10.1.010.1.5
CVEListV5ibm/spectrum_protect_plus10.1.0, 10.1.5+1

🔴Vulnerability Details

2
GHSA
GHSA-mq92-rvj9-24qx: IBM Spectrum Protect Plus 102022-05-24
CVEList
CVE-2020-4565: IBM Spectrum Protect Plus 102020-06-26
CVE-2020-4565 — Sensitive Information Exposure in IBM | cvebase