Lucene search
IBM1BFAFE0460040276762444ED367213959D4531A2FF08F3A3292292197243CA6BHistoryFeb 22, 2020 - 12:30 a.m.
Security Bulletin: Information Disclosure in IBM Spectrum Protect Plus (CVE-2019-4703)
2020-02-2200:30:12
www.ibm.com
9
0.001 Low
EPSS
Percentile
20.0%
Summary
The user id and password may be exposed in IBM Spectrum Protect Plus when protecting Microsoft SQL or Microsoft Exchange.
Vulnerability Details
CVEID:CVE-2019-4703
**DESCRIPTION:**IBM Spectrum Protect Plus, when protecting Microsoft SQL or Microsoft Exchange, could allow an attacker with intimate knowledge of the system to obtain highly sensitive information.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/172013 for the current score.
CVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM Spectrum Protect Plus | 10.1.0-10.1.5 |
Remediation/Fixes
| Spectrum Protect Plus Release | First Fixing VRM Level | Platform | Link to Fix |
|---|---|---|---|
| 10.1 | 10.1.5 patch1 | Linux | <http://www.ibm.com/support/docview.wss?uid=ibm11072392> |
Workarounds and Mitigations
None
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm spectrum protect plus | eq | 10.1 |
Related
cvelist
cvelist
CVE-2019-4703
2020-02-21 00:00:00
nvd
nvd
CVE-2019-4703
2020-02-24 16:15:12
cve
cve
CVE-2019-4703
2020-02-24 16:15:12
prion
prion
Information disclosure
2020-02-24 16:15:00
0.001 Low
EPSS
Percentile
20.0%
Related for 1BFAFE0460040276762444ED367213959D4531A2FF08F3A3292292197243CA6B