
Security Bulletin: Privilege escalation and code injection vulnerabilities in IBM Spectrum Protect Plus application protection (CVE-2019-4383, CVE-2019-4357)

Published: 2019-06-27 18:55:02 (source: www.ibm.com)

EPSS: 0.001 (Low), percentile 32.3%

Summary

IBM Spectrum Protect Plus application protection could allow a local attacker to gain elevated privileges or execute arbitrary code on the system.

Vulnerability Details

CVEID: CVE-2019-4383
DESCRIPTION: When using Spectrum Protect Plus to protect Oracle or MongoDB databases, a redirected restore operation may result in an escalation of user privileges.
CVSS Base Score: 7.9
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/162165> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N)

CVEID: CVE-2019-4357
DESCRIPTION: When using Spectrum Protect Plus to protect Oracle, DB2 or MongoDB databases, a redirected restore operation specifying a target path may allow execution of arbitrary code on the system.
CVSS Base Score: 8.2
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/161667> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)

Affected Products and Versions

IBM Spectrum Protect Plus 10.1.1 (Oracle)

IBM Spectrum Protect Plus 10.1.2 (Oracle and Db2)

IBM Spectrum Protect Plus 10.1.3 (Oracle, Db2, and MongoDB)

Remediation/Fixes

| Spectrum Protect Plus Release | First Fixing VRM Level | Platform | Link to Fix |
|---|---|---|---|
| 10.1 | 10.1.4 | Linux, AIX (Db2) | <http://www.ibm.com/support/docview.wss?uid=ibm10879861> |

Workarounds and Mitigations

None
