CVE-2018-1447

🗓️ 04 Apr 2018 18:00:00Reported by ibmType

IBM Spectrum Protect and Snapshot CMS KDB logic fails to salt hash, weakening password protection. Change password post-update for stronger security

Reporter	Title	Published	Views	Family All 69
IBM Security Bulletins	Security Bulletin: Vulnerabilities in GSKit affect IBM SPSS Modeler (CVE-2018-1447)	16 Jun 201814:19	–	ibm
IBM Security Bulletins	Security Bulletin: Rational DOORS is affected by multiple vulnerabilities	29 Jun 202016:11	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM HTTP Server affects Netezza Performance Portal	18 Oct 201903:36	–	ibm
IBM Security Bulletins	Security Bulletin: WebSphere DataPower Appliances is affected by multiple issues	11 Sep 201813:21	–	ibm
IBM Security Bulletins	Security Bulletin : IBM Storwize V7000 Unified is affected by multiple GSKit vulnerabilities in GPFS	17 Oct 201817:35	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in GSKit affect IBM Spectrum Scale used by DB2® pureScale™ (CVE-2018-1431, CVE-2018-1447, CVE-2017-3732, CVE-2016-0705)	19 Sep 201819:50	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in GSKit affect IBM Tivoli Directory Server and IBM Security Directory Server for AIX	2 Jan 201914:15	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Security SiteProtector System is affected by GSKit vulnerabilities	19 Jul 201808:30	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Content Collector for SAP Applications is affected by GSKit and GSKit-Crypto vulnerabilities	30 Aug 201812:21	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities have been identified in GSKit, which is shipped with IBM Tivoli Network Manager IP Edition (CVE-2018-1447).	28 Jun 202322:06	–	ibm

NVD

Vulners

Node

ibm spectrum_protect_for_space_managementRange7.1.0.0–7.1.8.1vmware

ibm spectrum_protect_for_space_managementRange8.1.0.0–8.1.4.0vmware

ibm spectrum_protect_for_virtual_environmentsRange7.1.0.0–7.1.8.0vmware

ibm spectrum_protect_for_virtual_environmentsRange8.1.0.0–8.1.4.0vmware

Node

ibm spectrum_protect_snapshotRange4.1.0.0–4.1.6.3vmware

[
  {
    "product": "Spectrum Protect",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "7.1"
      },
      {
        "status": "affected",
        "version": "8.1"
      }
    ]
  },
  {
    "product": "Spectrum Protect Snapshot",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "4.1.3"
      },
      {
        "status": "affected",
        "version": "4.1.4"
      },
      {
        "status": "affected",
        "version": "4.1.6"
      }
    ]
  },
  {
    "product": "Spectrum Protect for Virtual Environments",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "7.1"
      },
      {
        "status": "affected",
        "version": "8.1"
      }
    ]
  },
  {
    "product": "Spectrum Protect for Space Management",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "7.1"
      },
      {
        "status": "affected",
        "version": "8.1"
      }
    ]
  }
]

Source	Link
ibm	www.ibm.com/support/docview.wss
ibm	www.ibm.com/support/docview.wss
securitytracker	www.securitytracker.com/id/1041012
ibm	www.ibm.com/support/docview.wss
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/139972
ibm	www.ibm.com/support/docview.wss
securityfocus	www.securityfocus.com/bid/104511

21 Nov 2024 03:59Current

6.7Medium risk

Vulners AI Score6.7

CVSS 25

CVSS 35.1 - 8.1

EPSS0.00081

CWE-916