What is CVE-2020-4415?

CVE-2020-4415 is a vulnerability in IBM Spectrum Protect server that allows a remote attacker to execute arbitrary code or cause a denial of service.

What is the severity of CVE-2020-4415?

CVE-2020-4415 has a severity rating of 9.8 out of 10, indicating it is a critical vulnerability.

Which versions of IBM Spectrum Protect server are affected by CVE-2020-4415?

IBM Spectrum Protect server versions 7.1.0.0-7.1.10.0 and 8.1.0.0-8.1.9.200 are affected by CVE-2020-4415.

How can I fix CVE-2020-4415?

To fix CVE-2020-4415, update the IBM Spectrum Protect server to a version that is not affected by the vulnerability.

Vulnerability/
CVE-2020-4415

critical

CWE

119 20 787

21/4/2020

23/4/2020

17/9/2024

CVE-2020-4415: Buffer Overflow

Q: How does CVE-2020-4415 impact IBM Spectrum Protect server?

CVE-2020-4415 can allow a remote attacker to execute arbitrary code on the system with the privileges of an administrator or user associated with the Spectrum Protect server or cause a denial of service.

First published: Tue Apr 21 2020(Updated: )

IBM Spectrum Protect 7.1 and 8.1 server is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. This could allow a remote attacker to execute arbitrary code on the system with the privileges of an administrator or user associated with the Spectrum Protect server or cause the Spectrum Protect server to crash. IBM X-Force ID: 179990.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM Spectrum Protect Server	<=8.1.0.0-8.1.9.200
IBM Spectrum Protect Server	<=7.1.0.0-7.1.10.0
IBM Spectrum Protect	>=7.1.0.0<=7.1.10.0
IBM Spectrum Protect	>=8.1.0.0<=8.1.9.200

Remedy

https://www.ibm.com/support/pages/node/6195706

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

IBM-6195706

Frequently Asked Questions

What is CVE-2020-4415?
CVE-2020-4415 is a vulnerability in IBM Spectrum Protect server that allows a remote attacker to execute arbitrary code or cause a denial of service.
How does CVE-2020-4415 impact IBM Spectrum Protect server?
CVE-2020-4415 can allow a remote attacker to execute arbitrary code on the system with the privileges of an administrator or user associated with the Spectrum Protect server or cause a denial of service.
What is the severity of CVE-2020-4415?
CVE-2020-4415 has a severity rating of 9.8 out of 10, indicating it is a critical vulnerability.
Which versions of IBM Spectrum Protect server are affected by CVE-2020-4415?
IBM Spectrum Protect server versions 7.1.0.0-7.1.10.0 and 8.1.0.0-8.1.9.200 are affected by CVE-2020-4415.
How can I fix CVE-2020-4415?
To fix CVE-2020-4415, update the IBM Spectrum Protect server to a version that is not affected by the vulnerability.

collector/nvd-index
agent/references
agent/type
agent/first-publish-date
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/remedy
agent/severity
agent/last-modified-date
agent/weakness
agent/author
agent/tags
agent/description
agent/event
collector/ibm-support
source/IBM
agent/software-canonical-lookup
vendor/ibm
canonical/ibm spectrum protect
version/ibm spectrum protect/7.1.0.0
version/ibm spectrum protect/7.1.10.0
version/ibm spectrum protect/8.1.0.0
version/ibm spectrum protect/8.1.9.200
canonical/ibm spectrum protect server
version/ibm spectrum protect server/8.1.0.0-8.1.9.200
version/ibm spectrum protect server/7.1.0.0-7.1.10.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.