CVE-2020-4703

Summary

IBM Spectrum Protect Plus 10.1.0 through 10.1.6 Administrative Console could allow an authenticated attacker to upload arbitrary files which could be execute arbitrary code on the vulnerable server. This vulnerability is due to an incomplete fix for CVE-2020-4470. IBM X-Force ID: 187188.

Affected Software

VendorProductVersion RangeStatus
IBMSpectrum Protect Plus10.1.0affected
IBMSpectrum Protect Plus10.1.6affected

Weaknesses

  • Gain Privileges

ADP Enrichment

CVE Program Container

Additional References

References