CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-4954

IBM Spectrum Protect Operations Center 7.1 and 8.1 could allow a remote attacker to bypass authentication restrictions, caused by improper session validation . By using the configuration panel to obtain a valid session using an attacker controlled IBM Spectrum Protect server, an attacker could exploit this vulnerability to bypass authentication and gain access to a limited number of debug functions, such as logging levels. IBM X-Force ID: 192153.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 26.1%

CVSS Severity

CVSS v3 Score 4.2

CVSS v2 Score 4.8

References

Products affected by CVE-2020-4954

Ibm » Spectrum Protect Operations Center » Version: 7.1.0.000

cpe:2.3:a:ibm:spectrum_protect_operations_center:7.1.0.000
Ibm » Spectrum Protect Operations Center » Version: 7.1.1.000

cpe:2.3:a:ibm:spectrum_protect_operations_center:7.1.1.000
Ibm » Spectrum Protect Operations Center » Version: 7.1.10.000

cpe:2.3:a:ibm:spectrum_protect_operations_center:7.1.10.000
Ibm » Spectrum Protect Operations Center » Version: 7.1.11

cpe:2.3:a:ibm:spectrum_protect_operations_center:7.1.11
Ibm » Spectrum Protect Operations Center » Version: 7.1.11.000

cpe:2.3:a:ibm:spectrum_protect_operations_center:7.1.11.000
Ibm » Spectrum Protect Operations Center » Version: 7.1.3.000

cpe:2.3:a:ibm:spectrum_protect_operations_center:7.1.3.000
Ibm » Spectrum Protect Operations Center » Version: 7.1.4.000

cpe:2.3:a:ibm:spectrum_protect_operations_center:7.1.4.000
Ibm » Spectrum Protect Operations Center » Version: 7.1.5.000

cpe:2.3:a:ibm:spectrum_protect_operations_center:7.1.5.000
Ibm » Spectrum Protect Operations Center » Version: 7.1.6.000

cpe:2.3:a:ibm:spectrum_protect_operations_center:7.1.6.000
Ibm » Spectrum Protect Operations Center » Version: 7.1.7.000

cpe:2.3:a:ibm:spectrum_protect_operations_center:7.1.7.000
Ibm » Spectrum Protect Operations Center » Version: 7.1.8.000

cpe:2.3:a:ibm:spectrum_protect_operations_center:7.1.8.000
Ibm » Spectrum Protect Operations Center » Version: 7.1.9.200

cpe:2.3:a:ibm:spectrum_protect_operations_center:7.1.9.200
Ibm » Spectrum Protect Operations Center » Version: 7.1.9.300

cpe:2.3:a:ibm:spectrum_protect_operations_center:7.1.9.300
Ibm » Spectrum Protect Operations Center » Version: 8.1.0.000

cpe:2.3:a:ibm:spectrum_protect_operations_center:8.1.0.000
Ibm » Spectrum Protect Operations Center » Version: 8.1.1.000

cpe:2.3:a:ibm:spectrum_protect_operations_center:8.1.1.000
Ibm » Spectrum Protect Operations Center » Version: 8.1.10

cpe:2.3:a:ibm:spectrum_protect_operations_center:8.1.10
Ibm » Spectrum Protect Operations Center » Version: 8.1.10.000

cpe:2.3:a:ibm:spectrum_protect_operations_center:8.1.10.000
Ibm » Spectrum Protect Operations Center » Version: 8.1.2.000

cpe:2.3:a:ibm:spectrum_protect_operations_center:8.1.2.000
Ibm » Spectrum Protect Operations Center » Version: 8.1.3.000

cpe:2.3:a:ibm:spectrum_protect_operations_center:8.1.3.000
Ibm » Spectrum Protect Operations Center » Version: 8.1.4.000

cpe:2.3:a:ibm:spectrum_protect_operations_center:8.1.4.000
Ibm » Spectrum Protect Operations Center » Version: 8.1.5.000

cpe:2.3:a:ibm:spectrum_protect_operations_center:8.1.5.000
Ibm » Spectrum Protect Operations Center » Version: 8.1.6.000

cpe:2.3:a:ibm:spectrum_protect_operations_center:8.1.6.000
Ibm » Spectrum Protect Operations Center » Version: 8.1.7.000

cpe:2.3:a:ibm:spectrum_protect_operations_center:8.1.7.000
Ibm » Spectrum Protect Operations Center » Version: 8.1.8.000

cpe:2.3:a:ibm:spectrum_protect_operations_center:8.1.8.000
Ibm » Spectrum Protect Operations Center » Version: 8.1.9.000

cpe:2.3:a:ibm:spectrum_protect_operations_center:8.1.9.000

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-4954

Products

Pricing

Contact Us