Aug 1, 2019 9:01 am EDT
Categorized: Medium Severity
Share this post:
If tracing is activated, IBM Spectrum Protect (formerly Tivoli Storage Manager) for Enterprise Resource Planning may display the IBM Spectrum Protect node password in plain text in the trace file.
Affected product(s) and affected version(s):
The following levels of IBM Spectrum Protect (formerly Tivoli Storage Manager) for Enterprise Resource Planning are affected:
- 188.8.131.52 through 184.108.40.206 – Data Protection for SAP HANA
220.127.116.11 through 18.104.22.168 – Data Protection for SAP for Db2 and Data Protection for SAP for Oracle
- 22.214.171.124 through 126.96.36.199 – Data Protection for SAP HANA, Db2, and Oracle.
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10883782
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/154280