The IBM Spectrum Protect (formerly Tivoli Storage Manager) Backup-Archive Client is vulnerable to a denial of service attack.
CVEID:CVE-2019-4406
**DESCRIPTION:**The IBM Spectrum Protect Client may be vulnerable to a denial of service attack due to a timing issue between client and server TCP/IP communications.
CVSS Base score: 4.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/162477 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)
Affected Product(s) | Version(s) |
---|---|
IBM Spectrum Protect (formerly Tivoli Storage Manager) Backup-Archive Client |
8.1.0.0-8.1.8.0
7.1.0.0-7.1.8.6
Spectrum Protect
Backup-Archive Client Release | First Fixing VRM Level | ** APAR** | Platform | Link to Fix |
---|---|---|---|---|
8.1 | 8.1.9 | IT29313 | AIX | |
Linux | ||||
Macintosh | ||||
Solaris | ||||
Windoes | <http://www.ibm.com/support/docview.wss?uid=ibm11108473> | |||
7.1 | 7.1.8.7 | IT29313 | AIX | |
HP-UX | ||||
Linux | ||||
Macintosh | ||||
Solaris | ||||
Windows | <http://www.ibm.com/support/docview.wss?uid=swg24044550> |
None