IBM Spectrum Protect Backup-Archive Client and IBM Spectrum Protect for Space Management are vulnerable to a stack-based buffer overflow caused by improper bounds checking.
CVEID:CVE-2021-39048
**DESCRIPTION:**IBM Spectrum Protect Client is vulnerable to a stack based buffer overflow, caused by improper bounds checking. A local attacker could exploit this vulnerability and cause a denial of service.
CVSS Base score: 6.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/214438 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Affected Product(s) | Version(s) |
---|---|
IBM Spectrum Protect Backup-Archive Client | 8.1.0.0-8.1.12.0 on AIX, Linux, and Solaris platforms |
7.1.0.0-7.1.8.10 on AIX, Linux, Solaris, and HP-UX platforms | |
IBM Spectrum Protect for Space Management | 8.1.0.0-8.1.12.0 on AIX and Linux platforms |
7.1.0.0-7.1.8.10 on AIX and Linux platforms |
IBM Spectrum Protect
Backup-Archive Client Release|First Fixing
VRM Level|Platform|Link to Fix
—|—|—|—
8.1| 8.1.13| AIX
Linux
Solaris| <https://www.ibm.com/support/pages/node/6524938>
7.1| 7.1.8.11| AIX
HP-UX
Linux
Solaris| <https://www.ibm.com/support/pages/node/316619>
IBM Spectrum Protect for
Space Management Release|First Fixing
VRM Level|Platform|Link to Fix
—|—|—|—
8.1| 8.1.13| AIX
Linux| <https://www.ibm.com/support/pages/node/6488915>
7.1| 7.1.8.11| AIX
Linux| <https://www.ibm.com/support/pages/node/316075>
None