PT-2021-14022 · Ibm · Ibm Spectrum Protect Client

Shadi Habbal

Published

2021-04-26

Updated

2021-04-30

CVE-2021-20532

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: IBM Spectrum Protect Client versions 8.1.0.0 through 8.1.11.0

Description: The issue allows a local user to escalate their privileges to take full control of the system due to insecure directory permissions.

Recommendations: For versions 8.1.0.0 through 8.1.11.0, update to a version that addresses the insecure directory permissions issue to prevent privilege escalation.

Fix

Incorrect Default Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-276

Related Identifiers

CVE-2021-20532

Affected Products

Ibm Spectrum Protect Client

PT-2021-14022 · Ibm · Ibm Spectrum Protect Client

CVE-2021-20532

Weakness Enumeration

Related Identifiers

Affected Products

References · 4