Improper Session Validation in IBM Spectrum Protect Client and IBM Spectrum Protect for Space Management Web User Interfaces

Improper Session Validation in IBM Spectrum Protect Client and IBM Spectrum Protect for Space Management Web User Interfaces

CVE-2020-4494 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and Windows), 8.1.9.0 trough 8.1.9.1 (AIX) and IBM Spectrum Protect for Space Management 8.1.7.0 through 8.1.9.1 (Linux), 8.1.9.0 through 8.1.9.1 (AIX) web user interfaces could allow an attacker to bypass authentication due to improper session validation which can result in access to unauthorized resources. IBM X-Force ID: 182019.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.