What is CVE-2020-4686?

CVE-2020-4686 is a vulnerability in IBM Spectrum Virtualize 8.3.1 that allows a remote user authenticated via LDAP to escalate their privileges and perform unauthorized actions.

Which software versions are affected by CVE-2020-4686?

IBM Spectrum Virtualize 8.3.1 and its public cloud version are affected by CVE-2020-4686.

What is the severity rating of CVE-2020-4686?

CVE-2020-4686 has a severity rating of 8.1 (high).

How can a remote user exploit CVE-2020-4686?

A remote user authenticated via LDAP can exploit CVE-2020-4686 to escalate their privileges and perform unauthorized actions.

Where can I find more information about CVE-2020-4686?

You can find more information about CVE-2020-4686 on the IBM X-Force ID: 186678 and the IBM Support website.

Vulnerability/
CVE-2020-4686

high

8.1

14/8/2020

4/8/2024

CVE-2020-4686

First published: Fri Aug 14 2020(Updated: )

IBM Spectrum Virtualize 8.3.1 could allow a remote user authenticated via LDAP to escalate their privileges and perform actions they should not have access to. IBM X-Force ID: 186678.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM Spectrum Virtualize	=8.3.1
IBM Spectrum Virtualize	=8.3.1
Ibm Flashsystem V5000 Firmware	=8.3.1
Ibm Flashsystem V5000
Ibm Flashsystem V7200 Firmware	=8.3.1
Ibm Flashsystem V7200
Ibm Flashsystem V9000 Firmware	=8.3.1
Ibm Flashsystem V9000
Ibm Flashsystem V9100 Firmware	=8.3.1
Ibm Flashsystem V9100
Ibm Flashsystem V9200 Firmware	=8.3.1
Ibm Flashsystem V9200
Ibm San Volume Controller Firmware	=8.3.1
IBM SAN Volume Controller
Ibm Storwize V5000 Firmware	=8.3.1
Ibm Storwize V5000
Ibm Storwize V5000e Firmware	=8.3.1
Ibm Storwize V5000e
Ibm Storwize V5100 Firmware	=8.3.1
Ibm Storwize V5100
Ibm Storwize V7000 Firmware	=8.3.1
IBM Storwize V7000

Remedy

https://www.ibm.com/support/pages/node/6260199

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2020-4686?
CVE-2020-4686 is a vulnerability in IBM Spectrum Virtualize 8.3.1 that allows a remote user authenticated via LDAP to escalate their privileges and perform unauthorized actions.
Which software versions are affected by CVE-2020-4686?
IBM Spectrum Virtualize 8.3.1 and its public cloud version are affected by CVE-2020-4686.
What is the severity rating of CVE-2020-4686?
CVE-2020-4686 has a severity rating of 8.1 (high).
How can a remote user exploit CVE-2020-4686?
A remote user authenticated via LDAP can exploit CVE-2020-4686 to escalate their privileges and perform unauthorized actions.
Where can I find more information about CVE-2020-4686?
You can find more information about CVE-2020-4686 on the IBM X-Force ID: 186678 and the IBM Support website.

collector/nvd-index
agent/severity
agent/references
agent/author
agent/type
agent/description
agent/event
agent/first-publish-date
agent/remedy
agent/last-modified-date
agent/softwarecombine
agent/tags
collector/mitre-cve
source/MITRE
vendor/ibm
canonical/ibm spectrum virtualize
version/ibm spectrum virtualize/8.3.1
canonical/ibm flashsystem v5000 firmware
version/ibm flashsystem v5000 firmware/8.3.1
canonical/ibm flashsystem v5000
canonical/ibm flashsystem v7200 firmware
version/ibm flashsystem v7200 firmware/8.3.1
canonical/ibm flashsystem v7200
canonical/ibm flashsystem v9000 firmware
version/ibm flashsystem v9000 firmware/8.3.1
canonical/ibm flashsystem v9000
canonical/ibm flashsystem v9100 firmware
version/ibm flashsystem v9100 firmware/8.3.1
canonical/ibm flashsystem v9100
canonical/ibm flashsystem v9200 firmware
version/ibm flashsystem v9200 firmware/8.3.1
canonical/ibm flashsystem v9200
canonical/ibm san volume controller firmware
version/ibm san volume controller firmware/8.3.1
canonical/ibm san volume controller
canonical/ibm storwize v5000 firmware
version/ibm storwize v5000 firmware/8.3.1
canonical/ibm storwize v5000
canonical/ibm storwize v5000e firmware
version/ibm storwize v5000e firmware/8.3.1
canonical/ibm storwize v5000e
canonical/ibm storwize v5100 firmware
version/ibm storwize v5100 firmware/8.3.1
canonical/ibm storwize v5100
canonical/ibm storwize v7000 firmware
version/ibm storwize v7000 firmware/8.3.1
canonical/ibm storwize v7000