2 matches found
Security Bulletin: Directory traversal attack in IBM Spectrum Protect Plus Microsoft File Systems Backup and Restore (CVE-2022-40608)
Summary The IBM Spectrum Protect Plus Microsoft File Systems restore operation is vulnerable to a directory traversal attack which can result in gaining access to unauthorized files . Vulnerability Details CVEID:CVE-2022-40608 DESCRIPTION: IBM Spectrum Protect Plus Microsoft File Systems restore...
CVE-2022-40608
IBM Spectrum Protect Plus Microsoft File Systems restore operation is vulnerable to a directory traversal attack that can download unauthorized files on the target. Affected versions are 10.1.6–10.1.11; remediation is to upgrade to 10.1.12 for Windows. The issue stems from how the restore URL can...