The IBM Spectrum Protect (formerly Tivoli Storage Manager) Client, IBM Spectrum Protect: Data Protection for VMware, and IBM Spectrum Protect for Space Management could allow a local user to corrupt or delete sensitive information that could cause a denial of service.
CVEID: CVE-2018-1550 DESCRIPTION: IBM Spectrum Protect could allow a local user to corrupt or delete highly sensitive information that would cause a denial of service to other users.
CVSS Base Score: 6.2
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/142696> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
This security exposure affects the following products and levels:
IBM Spectrum Protect (formerly Tivoli Storage Manager) Client levels:
- 8.1.2.0 through 8.14.2 (Macintosh)
8.1.2.0 through 8.1.4.1 (All other platforms)
- 7.1.8.0 through 7.1.8.2
IBM Spectrum Protect for Virtual Environments (formerly Tivoli Storage Manager for Virtual Environments): Data Protection for VMware levels:
- 8.1.2.0 through 8.1.4.1
- 7.1.8.0 through 7.1 8.2
IBM Spectrum Protect for Space Management (formerly Tivoli Storage Manager for Space Management)
- 8.1.2.0 through 8.1.4.1
- 7.1.8.0 through 7.1.8.2
IBM Spectrum Protect Client Release
|
First Fixing VRM Level
|
APAR
|
Platform
|
Link to Fix
—|—|—|—|—
8.1
|
8.1.6
|
IT23846
|
AIX
Linux
Macintosh
Solaris
|
http://www.ibm.com/support/docview.wss?uid=swg24044969
7.1
|
7.1.8.3
|
IT23846
|
AIX
HP-UX
Linux
Macintosh
Solaris
|
http://www.ibm.com/support/docview.wss?uid=swg24044550
.
IBM Spectrum Protect for Virtual Environments: Data Protection for VMware Release
|
First Fixing VRM Level
|
APAR
|
Platform
|
Link to Fix
—|—|—|—|—
8.1
|
8.1.6
|
IT25380
|
Linux
|
http://www.ibm.com/support/docview.wss?uid=swg24044948
7.1
|
|
|
Linux
|
Apply the above 7.1.8.3 client fix using the following link:
http://www.ibm.com/support/docview.wss?uid=swg24044550
.
IBM Spectrum Protect for Space Management Release
|
First Fixing VRM Level
|
Platform
|
Link to Fix
—|—|—|—
8.1
|
8.1.6
|
AIX
Linux
| http://www.ibm.com/support/docview.wss?uid=swg24044982
7.1
|
7.1.8.3
|
AIX
Linux
|