CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2020-5017
https://notcve.org/view.php?id=CVE-2020-5017
08 Jan 2021 — IBM Spectrum Protect Plus 10.1.0 through 10.1.6 may allow a local user to obtain access to information beyond their intended role and permissions. IBM X-Force ID: 193653. IBM Spectrum Protect Plus versiones 10.1.0 hasta 10.1.6, puede permitir a un usuario local conseguir acceso a información más allá de su rol y permisos previstos. IBM X-Force ID: 193653 • https://exchange.xforce.ibmcloud.com/vulnerabilities/193653 •
CVSS: 10.0EPSS: 53%CPEs: 2EXPL: 0CVE-2020-4222 – IBM Spectrum Protect Plus password Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-4222
24 Feb 2020 — IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary command on the system. IBM X-Force ID: 175091. IBM Spectrum Protect Plus versiones 10.1.0 y 10.1.5, podría permitir a un atacante remoto ejecutar código arbitrario sobre el sistema. Mediante el uso de un comando HTTP especialmente diseñado, un atacante podría explotar esta vulnerabilidad... • https://exchange.xforce.ibmcloud.com/vulnerabilities/175091 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 53%CPEs: 2EXPL: 0CVE-2020-4213 – IBM Spectrum Protect Plus username Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-4213
24 Feb 2020 — IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary command on the system. IBM X-Force ID: 175024. IBM Spectrum Protect Plus versiones 10.1.0 y 10.1.5, podría permitir a un atacante remoto ejecutar código arbitrario sobre el sistema. Mediante el uso de un comando HTTP especialmente diseñado, un atacante podría explotar esta vulnerabilidad... • https://exchange.xforce.ibmcloud.com/vulnerabilities/175024 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 34%CPEs: 3EXPL: 0CVE-2020-4212 – IBM Spectrum Protect Plus hfpackage Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-4212
24 Feb 2020 — IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary command on the system. IBM X-Force ID: 175023. IBM Spectrum Protect Plus versiones 10.1.0 y 10.1.5, podría permitir a un atacante remoto ejecutar código arbitrario sobre el sistema. Mediante el uso de un comando HTTP especialmente diseñado, un atacante podría explotar esta vulnerabilidad... • https://exchange.xforce.ibmcloud.com/vulnerabilities/175023 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 48%CPEs: 3EXPL: 0CVE-2020-4211 – IBM Spectrum Protect Plus hostname Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-4211
24 Feb 2020 — IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary command on the system. IBM X-Force ID: 175022. IBM Spectrum Protect Plus versiones 10.1.0 y 10.1.5, podría permitir a un atacante remoto ejecutar código arbitrario sobre el sistema. Mediante el uso de un comando HTTP especialmente diseñado, un atacante podría explotar esta vulnerabilidad... • https://exchange.xforce.ibmcloud.com/vulnerabilities/175022 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 53%CPEs: 3EXPL: 0CVE-2020-4210 – IBM Spectrum Protect Plus changeAdministratorPassword Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-4210
24 Feb 2020 — IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary command on the system. IBM X-Force ID: 175020. IBM Spectrum Protect Plus versiones 10.1.0 y 10.1.5, podría permitir a un atacante remoto ejecutar código arbitrario sobre el sistema. Mediante el uso de un comando HTTP especialmente diseñado, un atacante podría explotar esta vulnerabilidad... • https://exchange.xforce.ibmcloud.com/vulnerabilities/175020 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •