IBM has issued fixes for vulnerabilities in Spectrum Protect Plus, Big Blue’s security tool found under the umbrella of its Spectrum data storage software branding. The flaws can be exploited by remote attackers to execute code on vulnerable systems.

IBM Spectrum Protect Plus is a data-protection solution that provides near-instant recovery, replication, reuse and self-service for virtual machines. The vulnerabilities (CVE-2020-4703 and CVE-2020-4711) affect versions 10.1.0 through 10.1.6 of IBM Spectrum Protect Plus.

The more serious of the two flaws (CVE-2020-4703) exists in IBM Spectrum Protect Plus’ Administrative Console and could allow an authenticated attacker to upload arbitrary files – which could then be used to execute arbitrary code on the vulnerable server, according to researchers with Tenable, who discovered the flaws, in a Monday advisory. The bug ranks 8 out of 10 on the CVSS scale, making it high-severity.

This vulnerability is due to an incomplete fix for CVE-2020-4470, a high-severity flaw that was previously disclosed in June. An exploit for CVE-2020-4470 involves two operations, Tenable researchers said: “The first operation is to upload a malicious RPM package to a directory writable by the administrator account by sending an HTTP POST message to URL endpoint https://<spp_host>:8090/api/plugin,” they said. “The second operation is to install the malicious RPM by sending an HTTP POST message to URL endpoint…
