Unencrypted Communication Flow in IBM Spectrum Protect Plus vSnap and Agents

Unencrypted Communication Flow in IBM Spectrum Protect Plus vSnap and Agents

CVE-2020-4497 · MEDIUM Severity

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

IBM Spectrum Protect Plus 10.1.0 through 10.1.12 discloses sensitive information due to unencrypted data being used in the communication flow between Spectrum Protect Plus vSnap and its agents. An attacker could obtain information using main in the middle techniques. IBM X-Force ID: 182106.

Learn more about our Cis Benchmark Audit For Ibm I.