Information disclosure vulnerability in IBM WebSphere Application Server Liberty affects IBM Spectrum Protect (formerly Tivoli Storage Mangaer) for Virtual Environments.
CVEID: CVE-2018-1553 DESCRIPTION: IBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive information, caused by mishandling of exceptions by the SAML Web SSO feature.
CVSS Base Score: 5.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/142890> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
The following levels of IBM Spectrum Protect (formerly Tivoli Storage Manager) for Virtual Environments: Data Protection for VMware are affected:
The following levels of IBM Spectrum Protect (formerly Tivoli Storage Manager) for Virtual Environments: Data Protection for Hyper-V are affected:
Spectrum Protect for Virtual Environments: Data Protection for VMware Release
| Fixing VRM Level |Platform|Link to Fix / Fix Availability Target
—|—|—|—
8.1 | 8.1.6.1 | Linux
Windows |
<http://www.ibm.com/support/docview.wss?uid=ibm10739257>
7.1 | 7.1.8.4 | Linux
Windows | <https://www.ibm.com/support/docview.wss?uid=swg24044553>
IBM Spectrum Protect for Virtual Environments: Data Protection for Hyper-V Release
| Fixing VRM Level |Platform|Link to Fix / Fix Availability Target
—|—|—|—
8.1 | 8.1.6.1 | Windows |
[http://www.ibm.com/support/docview.wss?uid=ibm10739263](< http://www.ibm.com/support/docview.wss?uid=ibm10739263>)
None