CVE-2020-4591

EUVD-2020-25838
IBM Spectrum Protect Server 8.1.0.000 through 8.1.10.000 could disclose sensitive information in nondefault settings due to occasionally not encrypting the second chunk of an object in an encrypted container pool. IBM X-Force ID: 184746.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.3 LOW
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
ibmCNA
2.9 LOW
LOCAL
HIGH
NONE
CVSS:3.0/A:N/AC:H/C:L/S:U/AV:L/I:N/PR:N/UI:N/E:U/RC:C/RL:O
Base Score
CVSS 3.x
EPSS Score
Percentile: 5%
Affected Products (NVD)
VendorProductVersion
ibmspectrum_protect_server
8.1.0.000 ≤
𝑥
≤ 8.1.10.000
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/184746
https://www.ibm.com/support/pages/node/6323765
https://exchange.xforce.ibmcloud.com/vulnerabilities/184746
https://www.ibm.com/support/pages/node/6323765