Recently, IBM issued a security bulletin announcing an arbitrary code execution vulnerability (CVE-2020-4703) in IBM Spectrum Protect Plus. The vulnerability allows an authenticated attacker to upload arbitrary files and thereby execute arbitrary code on vulnerable servers. CVE-2020-4703 is caused by an incomplete fix for CVE-2020-4470, which was previously disclosed in June.
IBM also announced a directory traversal vulnerability, CVE-2020-4711. With this vulnerability, an attacker can view any file on the system by sending a specially crafted URL request containing a traversal sequence (/../).
At present, an analysis of the vulnerabilities and a PoC are already available on the Internet.
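As an added example for defenders (not code from IBM or from the advisory), the following check scans web access-log lines for request paths that resolve to a traversal segment after percent-decoding, which is the pattern the CVE-2020-4711 description points at. The log lines are constructed sample data; the URL paths in them are placeholders, not real product endpoints.

```python
import re
from urllib.parse import unquote

# Constructed sample access-log lines (not from IBM or the advisory).
# Only the request path is inspected; paths are placeholders.
SAMPLE_LOG = """\
10.0.0.5 - - [01/Oct/2020:10:00:01 +0000] "GET /status HTTP/1.1" 200 512
10.0.0.9 - - [01/Oct/2020:10:00:02 +0000] "GET /files/../../../../etc/passwd HTTP/1.1" 200 1420
10.0.0.9 - - [01/Oct/2020:10:00:03 +0000] "GET /files/%2e%2e%2f%2e%2e%2fetc%2fpasswd HTTP/1.1" 200 1420
10.0.0.9 - - [01/Oct/2020:10:00:04 +0000] "GET /files/%252e%252e%252f%252e%252e%252fetc%252fpasswd HTTP/1.1" 404 0
10.0.0.7 - - [01/Oct/2020:10:00:05 +0000] "GET /static/app..min.js HTTP/1.1" 200 9001
"""

# Pulls method and path out of the quoted request field of a common-log-format line.
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<path>\S+) HTTP/[\d.]+"')


def canonical_path(raw):
    """Drop the query string, percent-decode repeatedly (bounded) so that
    double-encoded sequences such as %252e collapse, and treat backslashes
    as path separators so they cannot hide a '..' segment."""
    path = raw.split("?", 1)[0]
    for _ in range(3):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path.replace("\\", "/")


def has_traversal(raw_path):
    """True if any path segment is exactly '..' after canonicalisation.
    A segment that merely contains dots (e.g. 'app..min.js') is not flagged."""
    return any(seg == ".." for seg in canonical_path(raw_path).split("/"))


def scan_access_log(text):
    """Return (client_ip, raw_path) for every request whose path traverses upward."""
    hits = []
    for line in text.splitlines():
        match = REQUEST_RE.search(line)
        if match and has_traversal(match.group("path")):
            hits.append((line.split()[0], match.group("path")))
    return hits


if __name__ == "__main__":
    for ip, path in scan_access_log(SAMPLE_LOG):
        print(f"traversal attempt from {ip}: {path}")
```

Run this over the web-tier logs of an exposed Spectrum Protect Plus host to find traversal attempts that predate patching; a 200 status on such a request is the case to escalate.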
Affected versions: IBM Spectrum Protect Plus 10.1.0-10.1.6
Unaffected version: IBM Spectrum Protect Plus 10.1.6 ifix4
IBM has released an interim fix version, and there are no other mitigation measures for these vulnerabilities. Given the detailed public analysis and the available PoC, users are advised to update IBM Spectrum Protect Plus to the unaffected version as soon as possible.