High Severity

Security Bulletin: Vulnerability in Flask and Python affects IBM Spectrum Protect Plus Microsoft File Systems Backup and Restore (CVE-2021-33026, CVE-2022-0391)

March 12, 2022

Categorized: High Severity

Share this post:

Elevation of privileges vulnerability in Flask and weaker than expected security in Python can affect IBM Spectrum Protect Plus Microsoft® File Systems backup and restore.

CVE(s): CVE-2021-33026, CVE-2022-0391

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Spectrum Protect Plus File Systems Agent 10.1.6.0-10.1.9.3

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6562405
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/201958
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/219613


Previous Post

Security Bulletin: Vulnerabilities in IBM Java Runtime and Golang Go affect IBM Spectrum Protect Server (CVE-2021-35578, CVE-2021-44716, CVE-2021-44717)

Next Post

Security Bulletin: Vulnerabilities in Celery, Golang Go, and Python affect IBM Spectrum Protect Plus Container Backup and Restore for Kubernetes and Red Hat OpenShift
More stories

Security Bulletin: IBM MQ for HPE NonStop Server is affected by OpenSSL vulnerability CVE-2022-0778

May 20, 2022 | High Severity

An issue was identifed in OpenSSL when MQ is using it to parse certificates. ...read more

Security Bulletin: OpenSSL publicly disclosed vulnerability affects IBM MobileFirst Platform Foundation

May 17, 2022 | High Severity

IBM MobileFirst Platform Foundation has addressed the following vulnerability by updating the version of OpenSSL ...read more

Security Bulletin: Vulnerabilities in IBM HTTP Server affect IBM Netezza Performance Portal

May 17, 2022 | High Severity

IBM HTTP Server is used by IBM Netezza Performance Portal. IBM Netezza Performance Portal has addressed the applicable CVEs. ...read more