CVE-2020-4477

IBM Spectrum Protect Plus 10.1.0 through 10.1.5 discloses highly sensitive information in plain text in the virgo log file which could be used in further attacks against the system. IBM X-Force ID: 181779.

Published: Jun 15, 2020
Updated: Apr 14, 2023
CVE: CVE-2020-4477
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.5
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVSS v2:

Severity: Low
Score: 4
AV:N/AC:L/Au:S/C:P/I:N/A:N

CWEs:

CWE-532

Affected Software
References

Software	From	Fixed in
ibm / spectrum_protect_plus	10.1.0	10.1.5.x

https://exchange.xforce.ibmcloud.com/vulnerabilities/181779
https://www.ibm.com/support/pages/node/6221388

Vulnerability Database

289,689

CVE-2020-4477