What is CVE-2020-4703?

CVE-2020-4703 is a high-severity vulnerability in Ibm Spectrum Protect Plus. CVSS score: 8.0/10. Published 2020-09-15.

How severe is CVE-2020-4703?

High severity. CVSS v3 base score is 8.0 out of 10.

Is CVE-2020-4703 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Ibm Spectrum Protect Plus

CVE-2020-4703

IBM Spectrum Protect Plus 10.1.0 through 10.1.6 Administrative Console could allow an authenticated attacker to upload arbitrary files which could be execute arbitrary code on the vulnerable server. This vulnerability is due to an incomple…

EPSS: 0.008 (75.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.0 (High). Vector: CVSS:3.0/PR:L/C:H/UI:R/I:H/AV:N/S:U/AC:L/A:H/RL:O/RC:C/E:U.

Affected products

Ibm Spectrum Protect Plus — versions 10.1.0, 10.1.6

Public proof-of-concept exploits

alphaSeclab/sec-daily-2020

References

www.ibm.com/support/pages/node/6328867 (x_refsource_CONFIRM)
ibm-spectrum-cve20204703-file-upload (187188) (vdb-entry, x_refsource_XF)

Frequently asked questions

What is CVE-2020-4703?: CVE-2020-4703 is a high-severity vulnerability in Ibm Spectrum Protect Plus. CVSS score: 8.0/10. Published 2020-09-15.
How severe is CVE-2020-4703?: High severity. CVSS v3 base score is 8.0 out of 10.
Is CVE-2020-4703 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.