CVE-2020-4693Improper Input Validation in IBM Spectrum Protect Operations Center

CWE-20Improper Input Validation4 documents4 sources
Severity
9.8CRITICALNVD
EPSS
0.6%
top 30.04%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Spectrum Protect Operations Center
Timeline
PublishedSep 2
Latest updateMay 24

Description

IBM Spectrum Protect Operations Center 7.1.0.000 through 7.1.10 and 8.1.0.000 through 8.1.9 may allow an attacker to execute arbitrary code on the system, caused by improper validation of data prior to export. IBM X-Force ID: 186782.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

NVDibm/spectrum_protect_operations_center7.1.0.0007.1.10.000+1

🔴Vulnerability Details

2
GHSA
GHSA-8qjw-wjp9-mh9g: IBM Spectrum Protect Operations Center 72022-05-24
CVEList
CVE-2020-4693: IBM Spectrum Protect Operations Center 72020-09-02
CVE-2020-4693 — Improper Input Validation in IBM | cvebase