Vulnerability in Ibm Spectrum Protect Plus
CVE-2020-4211
IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary command on the…
EPSS: 0.516 (97.9th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.0/A:H/S:U/C:H/UI:N/I:H/AV:N/PR:N/AC:L/RC:C/E:U/RL:O.
Affected products
- Ibm Spectrum Protect Plus — versions 10.1.0, 10.1.5
References
- www.ibm.com/support/pages/node/3178863 (x_refsource_CONFIRM)
- ibm-spectrum-cve20204211-code-exec (175022) (vdb-entry, x_refsource_XF)
- www.zerodayinitiative.com/advisories/ZDI-20-273/ (x_refsource_MISC)
Frequently asked questions
- What is CVE-2020-4211?
- CVE-2020-4211 is a critical-severity vulnerability in Ibm Spectrum Protect Plus. CVSS score: 9.8/10. Published 2020-02-24.
- How severe is CVE-2020-4211?
- Critical severity. CVSS v3 base score is 9.8 out of 10.