3.3
CVE-2020-4591
- EPSS 0.02%
- Veröffentlicht 28.08.2020 15:15:12
- Zuletzt bearbeitet 21.11.2024 05:32:57
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
LoginIBM Spectrum Protect Server 8.1.0.000 through 8.1.10.000 could disclose sensitive information in nondefault settings due to occasionally not encrypting the second chunk of an object in an encrypted container pool. IBM X-Force ID: 184746.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Spectrum Protect Server Version >= 8.1.0.000 <= 8.1.10.000
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.034 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 3.3 | 1.8 | 1.4 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
|
| nvd@nist.gov | 1.9 | 3.4 | 2.9 |
AV:L/AC:M/Au:N/C:P/I:N/A:N
|
| psirt@us.ibm.com | 2.9 | 1.4 | 1.4 |
CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
|
CWE-311 Missing Encryption of Sensitive Data
The product does not encrypt sensitive or critical information before storage or transmission.