CVE-2020-4471
First published: Mon Jun 15 2020(Updated: )
IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow an unauthenticated attacker to cause a denial of service or hijack DNS sessions by send a specially crafted HTTP command to the remote server. IBM X-Force ID: 181726.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Spectrum Protect Plus | >=10.1.0<=10.1.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this IBM Spectrum Protect Plus vulnerability?
The vulnerability ID for this IBM Spectrum Protect Plus vulnerability is CVE-2020-4471.
What is the severity level of CVE-2020-4471?
The severity level of CVE-2020-4471 is medium.
How can an unauthenticated attacker exploit CVE-2020-4471?
An unauthenticated attacker can exploit CVE-2020-4471 by sending a specially crafted HTTP command to the remote server, which could cause a denial of service or hijack DNS sessions.
Which versions of IBM Spectrum Protect Plus are affected by CVE-2020-4471?
IBM Spectrum Protect Plus versions 10.1.0 through 10.1.5 are affected by CVE-2020-4471.
Where can I find more information about CVE-2020-4471?
More information about CVE-2020-4471 can be found at the following references: [1] [2] [3]
- collector/nvd-index
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/type
- agent/description
- agent/event
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/ibm
- canonical/ibm spectrum protect plus
- version/ibm spectrum protect plus/10.1.0
- version/ibm spectrum protect plus/10.1.5