Medium Severity

Security Bulletin: SMB signing not required in IBM Spectrum Protect Plus (CVE-2016-2115)

Share this post:

IBM Spectrum Protect Plus is vulnerable to man-in-the-middle attacks as it does not make SMB signing mandatory.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Spectrum Protect Plus 10.1.0-10.1.4

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/1107195

More stories

Security Bulletin: IBM Maximo Asset Management is vulnerable to Path Disclosure (CVE-2019-4745)

Feb 21, 2020 7:00 pm EST | Medium Severity

IBM Maximo Asset Management could allow a remote attacker to disclose sensitive information to an authenticated user due to disclosing path information in the URL. ...read more


Security Bulletin: Vulnerabilities in Curl affect PowerSC (CVE-2019-5481, CVE-2019-5482)

Feb 21, 2020 7:00 pm EST | Medium Severity

There are vulnerabilities in Curl that affect PowerSC. ...read more


Security Bulletin: Phishing Attack Vulnerability Affects IBM Sterling B2B Integrator (CVE-2019-4595)

Feb 20, 2020 7:00 pm EST | Medium Severity

IBM Sterling B2B Integrator has addressed the Phishing attack vulnerability. ...read more