Unencrypted Second Chunk Disclosure in IBM Spectrum Protect Server

Unencrypted Second Chunk Disclosure in IBM Spectrum Protect Server

CVE-2020-4591 · LOW Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

IBM Spectrum Protect Server 8.1.0.000 through 8.1.10.000 could disclose sensitive information in nondefault settings due to occasionally not encrypting the second chunk of an object in an encrypted container pool. IBM X-Force ID: 184746.

Learn more about our Cis Benchmark Audit For Server Software.