High Severity

IBM Security Bulletin: Multiple Db2 vulnerabilities affect the IBM Spectrum Protect Server

Share this post:

The IBM Spectrum Protect Server is affected by multiple IBM Db2 vulnerabilities that could allow local users to overwrite files owned by the Db2 instance owner, execution of arbitrary code on the system, or an elevation of privileges.

CVE(s): CVE-2018-1452, CVE-2018-1451, CVE-2018-1449, CVE-2018-1450, CVE-2018-1459, CVE-2018-1565, CVE-2018-1515, CVE-2018-1488, CVE-2018-1544, CVE-2018-1566, CVE-2018-1487

Affected product(s) and affected version(s):

These vulnerabilities affect the IBM Spectrum Protect Server 8.1.0.0 through 8.1.6.0.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10743215
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/140047
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/140046
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/140044
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/140045
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/140210
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/143022
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141624
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/140973
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/142648
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/143023
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/140972

More stories

IBM Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to multiple security vulnerabilities

Feb 20, 2019 9:00 am EST | High Severity

IBM has announced a release for IBM Security Identity Governance and Intelligence (IGI) in response to multiple security vulnerabilities. There are multiple vulnerabilities fixes to open source libraries distributed with IGI, other less secure algorithms for crypto, xss attacks and click jacking attacks. CVE(s): CVE-2018-0124, CVE-2018-0125, CVE-2015-5237, CVE-2013-4517, CVE-2014-3596, CVE-2012-5784, CVE-2013-2186, CVE-2016-3092, CVE-2016-1000031, CVE-2014-0050, CVE-2013-2172, ...read more


IBM Security Bulletin: A vulnerability in Apache Struts affects the IBM FlashSystem 840 and 900

Feb 19, 2019 9:00 am EST | High Severity

There is a vulnerability in Apache Struts which the IBM FlashSystem™ 840 and 900 are susceptible. An exploit of that vulnerability (CVE-2018-11776) could make the system susceptible to attacks which could allow an attacker to execute arbitrary code on the system. CVE(s): CVE-2018-11776 Affected product(s) and affected version(s): FlashSystem 840 machine type and models (MTMs) ...read more


IBM Security Bulletin: A vulnerability in Apache Struts affects the IBM FlashSystem V840

Feb 19, 2019 9:00 am EST | High Severity

There is a vulnerability in Apache Struts which the IBM FlashSystem™ V840 is susceptible. An exploit of that vulnerability (CVE-2018-11776) could make the system susceptible to attacks which could allow an attacker to execute arbitrary code on the system. CVE(s): CVE-2018-11776 Affected product(s) and affected version(s): Storage Node machine type and models (MTMs) affected:9840-AE1 and ...read more