CVE-2020-4494

Summary

IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and Windows), 8.1.9.0 trough 8.1.9.1 (AIX) and IBM Spectrum Protect for Space Management 8.1.7.0 through 8.1.9.1 (Linux), 8.1.9.0 through 8.1.9.1 (AIX) web user interfaces could allow an attacker to bypass authentication due to improper session validation which can result in access to unauthorized resources. IBM X-Force ID: 182019.

Affected Software

VendorProductVersion RangeStatus
IBMSpectrum Protect for Space Management (Linux)8.1.7.0affected
IBMSpectrum Protect for Space Management (Linux)8.1.9.1affected
IBMSpectrum Protect for Space Management (AIX)8.1.9.0affected
IBMSpectrum Protect for Space Management (AIX)8.1.9.1affected
IBMSpectrum Protect Client (AIX)8.1.9.0affected
IBMSpectrum Protect Client (AIX)8.1.9.1affected
IBMSpectrum Protect Client (Linux and Windows)8.1.7.0affected
IBMSpectrum Protect Client (Linux and Windows)8.1.9.1affected

Weaknesses

  • Obtain Information

ADP Enrichment

CVE Program Container

Additional References

References