A fix is available
APAR status
Closed as program error.
Error description
When using Operations Center, WebSocket is improperly configured. The request to establish the WebSocket connection is not protected against Cross-Site Request Forgery (CSRF). IBM Spectrum Protect Versions Affected: IBM Spectrum Protect Operations Center 8.1.x.x and higher on all supported platforms Additional Keywords: TS008085113 websocket OC operations center
Local fix
Problem summary
**************************************************************** * USERS AFFECTED: * * All IBM Spectrum Protect Operations Center users. * **************************************************************** * PROBLEM DESCRIPTION: * * see error description * * For more information, refer to the security bulletin for * * CVE-2022-22346 using the following link: * * https://www.ibm.com/support/pages/node/6562855 * **************************************************************** * RECOMMENDATION: * * Apply fixing level when available. This problem is currently * * projected to be fixed in levels 8.1.14 and 8.1.13.400. Note * * that this is * * subject to change at the discretion of IBM. * ****************************************************************
Problem conclusion
The problem was fixed. Affected platforms for reported release: AIX, Linux, and Windows. Platforms fixed: AIX, Linux, and Windows.
Temporary fix
Comments
APAR Information
APAR number
IT40018
Reported component name
TSM OPERATIONS
Reported component ID
5608E01UI
Reported release
818
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2022-02-20
Closed date
2022-03-25
Last modified date
2022-03-25
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
TSM OPERATIONS
Fixed component ID
5608E01UI
Applicable component levels
R81X PSY
UP
[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSGSG7","label":"Tivoli Storage Manager"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"818","Line of Business":{"code":"LOB26","label":"Storage"}}]
Document Information
Modified date:
04 May 2022