Medium Severity

IBM Security Bulletin: Password disclosure via trace log in IBM Spectrum Protect Operations Center (CVE-2018-1769)

Share this post:

IBM Spectrum Protect (formerly Tivoli Storage Manager) Operations Center my display the password in plain text in the trace file when tracing is turned on.

CVE(s): CVE-2018-1769

Affected product(s) and affected version(s):

The following levels of IBM Spectrum Protect (formerly Tivoli Storage Manager) Operations Center are affected:

  • 8.1.0.000 through 8.1.6.100
  • 7.1.0.000 through 7.1.9.100

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10735281
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/148623

More stories

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to cross-site scripting in jQuery (CVE-2020-11022).

August 4, 2022 | Medium Severity

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to cross-site scripting in jQuery, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method (CVE-2020-11022). jQuery is used by the runtime components included in IBM Watson Speech. Please read the details for remediation below. ...read more


Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to cross-site scripting in jQuery (CVE-2019-11358).

August 4, 2022 | Medium Severity

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to cross-site scripting in jQuery, caused by improper validation of user-supplied input in Drupal core. (CVE-2019-11358). jQuery is used by the runtime components included in IBM Watson Speech. Please read the details for remediation below. ...read more


Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a heap-based buffer overflow in libssh, caused by improper bounds checking.(CVE-2021-3634).

August 4, 2022 | Medium Severity

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a heap-based buffer overflow in libssh, caused by improper bounds checking (CVE-2021-3634). Libssh, included in RedHat, is used in the base operating system by IBM Watson Speech. Please read the details for remediation below. ...read more