{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T22:55:13.229","vulnerabilities":[{"cve":{"id":"CVE-2020-4955","sourceIdentifier":"psirt@us.ibm.com","published":"2021-02-15T15:15:13.667","lastModified":"2024-11-21T05:33:28.457","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"IBM Spectrum Protect Operations Center 7.1 and 8.1could allow a remote attacker to execute arbitrary code on the system, caused by improper parameter validation. By creating an unspecified servlet request with specially crafted input parameters, an attacker could exploit this vulnerability to load a malicious .dll with elevated privileges. IBM X-Force ID: 192155."},{"lang":"es","value":"IBM Spectrum Protect Operations Center versiones 7.1 y 8.1, podría permitir a un atacante remoto ejecutar código arbitrario en el sistema, causado por una comprobación inapropiada de parámetros. Al crear una petición de servlet no especificada con parámetros de entrada especialmente diseñados, un atacante podría explotar esta vulnerabilidad para cargar un archivo .dll malicioso con privilegios elevados. IBM X-Force ID: 192155"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.0,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.1,"impactScore":5.9}],"cvssMetricV30":[{"source":"psirt@us.ibm.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":8.0,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.3,"impactScore":6.0}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:A/AC:L/Au:S/C:P/I:P/A:P","baseScore":5.2,"accessVector":"ADJACENT_NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":5.1,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:spectrum_protect_operations_center:*:*:*:*:*:*:*:*","versionStartIncluding":"7.1.0.000","versionEndExcluding":"7.1.13.000","matchCriteriaId":"BDA5A26F-E555-4401-8A74-C693D96BE215"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:spectrum_protect_operations_center:*:*:*:*:*:*:*:*","versionStartIncluding":"8.1.0.000","versionEndExcluding":"8.1.10.200","matchCriteriaId":"74404BEF-3CD4-4731-A9E2-4A4A913B82ED"}]}]}],"references":[{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/192155","source":"psirt@us.ibm.com","tags":["VDB Entry","Vendor Advisory"]},{"url":"https://www.ibm.com/support/pages/node/6404966","source":"psirt@us.ibm.com","tags":["Patch","Vendor Advisory"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/192155","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["VDB Entry","Vendor Advisory"]},{"url":"https://www.ibm.com/support/pages/node/6404966","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}