Rewterz Threat Alert – Confucius APT Group Linked to Android Spyware
February 15, 2021Rewterz Threat Alert – Ngrok Platform Abused in Phishing Attacks Targeting Financial Organizations
February 16, 2021Rewterz Threat Alert – Confucius APT Group Linked to Android Spyware
February 15, 2021Rewterz Threat Alert – Ngrok Platform Abused in Phishing Attacks Targeting Financial Organizations
February 16, 2021Severity
Medium
Analysis Summary
CVE-2020-4956
IBM Spectrum Protect Operations Center 7.1 and 8.1 is vulnerable to a denial of service, caused by a RPC that allows certain cache values to be set and dumped to a file. By setting a grossly large cache value and dumping that cached value to a file multiple times, a remote attacker could exploit this vulnerability to cause the consumption of all memory resources.
Impact
Denial of service
Affected Vendors
IBM
Affected Products
- IBM Spectrum Protect Operations Center 8.1
- IBM Spectrum Protect Operations Center 7.1
- IBM Spectrum Protect Operations Center 8.1.10.100
- IBM Spectrum Protect Operations Center 7.1.12
Remediation
Refer to the appropriate IBM Security Bulletin for patch, upgrade or suggested workaround information.
IBM Security Bulletin 6404966 (Spectrum Protect Operations Center)