Vulnerability Description
IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and Windows), 8.1.9.0 trough 8.1.9.1 (AIX) and IBM Spectrum Protect for Space Management 8.1.7.0 through 8.1.9.1 (Linux), 8.1.9.0 through 8.1.9.1 (AIX) web user interfaces could allow an attacker to bypass authentication due to improper session validation which can result in access to unauthorized resources. IBM X-Force ID: 182019.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Spectrum Protect Client | >= 8.1.7.0, <= 8.1.9.1 |
| Linux | Linux Kernel | - |
| Microsoft | Windows | - |
| Ibm | Aix | - |
| Ibm | Spectrum Protect For Space Management | >= 8.1.7.0, <= 8.1.9.1 |
Related Weaknesses (CWE)
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/182019VDB EntryVendor Advisory
- https://www.ibm.com/support/pages/node/6221448Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/182019VDB EntryVendor Advisory
- https://www.ibm.com/support/pages/node/6221448Vendor Advisory
FAQ
What is CVE-2020-4494?
CVE-2020-4494 is a vulnerability with a CVSS score of 7.5 (HIGH). IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and Windows), 8.1.9.0 trough 8.1.9.1 (AIX) and IBM Spectrum Protect for Space Management 8.1.7.0 through 8.1.9.1 (Linux), 8.1.9.0 through 8.1...
How severe is CVE-2020-4494?
CVE-2020-4494 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-4494?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Spectrum Protect Client, Linux Linux Kernel, Microsoft Windows, Ibm Aix, Ibm Spectrum Protect For Space Management.