Vulnerability Description
IBM Spectrum Protect Plus 10.1.0 through 10.1.6 may include sensitive information in its URLs increasing the risk of such information being caputured by an attacker. IBM X-Force ID: 193654.
CVSS Score
7.5
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Spectrum Protect Plus | >= 10.1.0, < 10.1.7 |
| Linux | Linux Kernel | - |
Related Weaknesses (CWE)
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/193654VDB EntryVendor Advisory
- https://www.ibm.com/support/pages/node/6398754PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/193654VDB EntryVendor Advisory
- https://www.ibm.com/support/pages/node/6398754PatchVendor Advisory
FAQ
What is CVE-2020-5018?
CVE-2020-5018 is a vulnerability with a CVSS score of 7.5 (HIGH). IBM Spectrum Protect Plus 10.1.0 through 10.1.6 may include sensitive information in its URLs increasing the risk of such information being caputured by an attacker. IBM X-Force ID: 193654.
How severe is CVE-2020-5018?
CVE-2020-5018 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-5018?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Spectrum Protect Plus, Linux Linux Kernel.