High Severity

Security Bulletin: Stack-based Buffer Overflow vulnerabilities in IBM Spectrum Protect Back-up Archive Client and IBM Spectrum Protect for Space Management (CVE-2021-29672, CVE-2021-20546)

Share this post:

IBM Spectrum Protect Backup-Archive Client and IBM Spectrum Protect for Space Management are vulnerable to stack-based buffer overflows caused by improper bounds checking. UDPATED: 14 June 2021 – Added 7.1 fix

CVE(s): CVE-2021-29672, CVE-2021-20546

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Spectrum Protect Backup-Archive Client 8.1.0.0-8.1.11.0
7.1.0.0-7.1.8.10
IBM Spectrum Protect for Space Management 8.1.0.0-8.1.11.0
7.1.0.0-7.1.8.10

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6445497
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/199479
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/198934

More stories

Security Bulletin: FasterXML Vulnerability in Jackson-Databind Affects IBM Sterling Connect:Direct File Agent (CVE-2018-7489)

Jul 23, 2021 8:13 pm EDT | High Severity

There is a vulnerability in FasterXML jackson-databind used by IBM Sterling Connect:Direct File Agent. IBM Sterling Connect:Direct File Agent has addressed the applicable CVE. ...read more


Security Bulletin: Apache Commons Configuration Vulnerability Affects IBM Sterling Connect:Direct File Agent (CVE-2020-1953)

Jul 23, 2021 8:11 pm EDT | High Severity

There is a vulnerability in Apache Commons used by IBM Sterling Connect:Direct File Agent. IBM Sterling Connect:Direct File Agent has addressed the applicable CVE. ...read more


Security Bulletin: IBM i2 iBase vulnerable to DLL highjacking (CVE-2020-4623)

Jul 23, 2021 8:00 pm EDT | High Severity

i2 iBase is vulnerable to DLL highjacking attacks. ...read more