CVE-2020-4591

IBM Spectrum Protect Server 8.1.0.000 through 8.1.10.000 could disclose sensitive information in nondefault settings due to occasionally not encrypting the second chunk of an object in an encrypted container pool. IBM X-Force ID: 184746.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
ibmCNA
3.3 LOW
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 6%
Affected Products (NVD)
VendorProductVersion
ibmspectrum_protect_server
8.1.0.000 ≤
𝑥
≤ 8.1.10.000
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
ibmspectrum_protect
8.1.0.0
CNA
ibmspectrum_protect
8.1.10.0
CNA
Common Weakness Enumeration
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/184746
https://www.ibm.com/support/pages/node/6323765
https://exchange.xforce.ibmcloud.com/vulnerabilities/184746
https://www.ibm.com/support/pages/node/6323765