CVE-2020-4954 is a vulnerability in IBM Spectrum Protect Operations Center
Published on February 15, 2021
IBM Spectrum Protect Operations Center 7.1 and 8.1 could allow a remote attacker to bypass authentication restrictions, caused by improper session validation . By using the configuration panel to obtain a valid session using an attacker controlled IBM Spectrum Protect server, an attacker could exploit this vulnerability to bypass authentication and gain access to a limited number of debug functions, such as logging levels. IBM X-Force ID: 192153.
Products Associated with CVE-2020-4954
Want to know whenever a new CVE is published for IBM Spectrum Protect Operations Center? stack.watch will email you.
Affected Versions
IBM Spectrum Protect Operations Center:- Version 8.1 is affected.
- Version 7.1 is affected.
- Version 8.1.10.100 is affected.
- Version 7.1.12 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.