Description
IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote attacker to execute arbitrary commands on the system in the context of root user, caused by improper validation of user-supplied input. IBM X-Force ID: 174966.
CVSS breakdown
CVSS 3.0
Scope
Unchanged
Integrity
High
User Interaction
None
Attack Complexity
High
Confidentiality
High
Privileges Required
Low
Availability
High
Attack Vector
Network
RC
Changed
E
Unchanged
RL
O
Affected products
- ibm / Spectrum Protect Plus10.1.0 – 10.1.0
- ibm / Spectrum Protect Plus10.1.5 – 10.1.5