Medium Severity

IBM Security Bulletin: Password exposure via job log in IBM Spectrum Protect Plus (CVE-2019-4385)

Share this post:

IBM Spectrum Protect Plus may display the vSNAP CIFS password in the Spectrum Protect Plus job log

CVE(s): CVE-2019-4385

Affected product(s) and affected version(s):
IBM Spectrum Protect Plus 10.1.2.219 through 10.1.2.303.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10886099
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/162173

More stories

Security Bulletin: A vulneraqbility in SQLite affects IBM Cloud Application Performance Managment R esponse Time Monitoring Agent (CVE-2020-9327)

Aug 12, 2020 8:01 pm EDT | Medium Severity

In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations. ...read more


Security Bulletin: IBM Maximo Asset Management is vulnerable to path traversal (CVE-2019-4582)

Aug 12, 2020 8:00 pm EDT | Medium Severity

IBM Maximo Asset Management is vulnerable to path traversal. ...read more


Security Bulletin: Vulnerability in IBM WebSphere Application Server Liberty affects IBM Spectrum Protect Operations Center and Client Management Service (CVE-2019-12406)

Aug 12, 2020 8:00 pm EDT | Medium Severity

IBM WebSphere Application Server Liberty is vulnerable to an Apache CXF denial of service which affects IBM Spectrum Protect Operations Center and Client Management Service. ...read more