CVE-2020-5022
MEDIUMIBM Spectrum Protect Plus 10.1.0-10.1.6 - Unauthenticated Information Disclosure via VDAP Proxy
Title source: llmDescription
IBM Spectrum Protect Plus 10.1.0 through 10.1.6 may allow unauthenticated and unauthorized access to VDAP proxy which can result in an attacker obtaining information they are not authorized to access. IBM X-Force ID: 193658.
References (2)
Core 2
Core References
Patch, Vendor Advisory x_refsource_confirm
https://www.ibm.com/support/pages/node/6398754
VDB Entry, Vendor Advisory vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/193658
Scores
CVSS v3
5.3
EPSS
0.0100
EPSS Percentile
58.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Details
CWE
CWE-306
CWE-862
Status
published
Products (1)
ibm/spectrum_protect_plus
10.1.0 - 10.1.7
Published
Jan 08, 2021
Tracked Since
Feb 18, 2026