Security Bulletin: Static Credential Vulnerability in IBM Spectrum Protect Plus (CVE-2020-4854)

Nov 20, 2020 7:00 pm EST

Share this post:

IBM Spectrum Protect Plus contains hard-coded credentials which could allow a remote attacker to gain elevated privileges.

Affected product(s) and affected version(s):

Affected Product(s)	Version(s)
IBM Spectrum Protect Plus	10.1.0-10.1.6

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6367823

See information about: IBM Security Bulletins, IBM Security Vulnerability Management (PSIRT), Reporting a Security Issue, IBM Secure Engineering

Access IBM Product Support to: Subscribe to Notifications, Download Fixes & PTFs (Fix Central), Access the Directory of IBM Worldwide Contacts

IBM Cloud Private is vulnerable to a Go vulnerability ...read more

IBM Cloud Private is vulnerable to MongoDB vulnerabilities ...read more

IBM Cloud Private is vulnerable to a Python vulnerability ...read more