The IBM Spectrum Protect (formerly Tivoli Storage Manager) Server and Storage Agents are vulnerable to a stack-based buffer overflow and elevation of privileges.
CVEID: CVE-2019-4087 DESCRIPTION: IBM Spectrum Protect Servers and Storage Agents are vulnerable to a stack-based buffer overflow, caused by improper bounds checking by servers and storage agents in response to specifically crafted communication exchanges. By sending an overly long request, a remote attacker could overflow a buffer and execute arbitrary code on the system with instance id privileges or cause the server or storage agent to crash.
CVSS Base Score: 9.8
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/157510> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2019-4088 DESCRIPTION: IBM Spectrum Protect Servers and Storage Agents could allow a local attacker to gain elevated privileges on the system, caused by loading a specially crafted library loaded by the dsmqsan module. By setting up such a library, a local attacker could exploit this vulnerability to gain root privileges on the vulnerable system.
CVSS Base Score: 7.4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/157511> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
This vulnerability affects the following IBM Spectrum Protect (formerly Tivoli Storage Manager) Server levels:
IBM Spectrum Protect
Server Release | First Fixing
VRM Level | Platform | Link to Fix
—|—|—|—
8.1 | 8.1.8 | AIX
Linux
Windows |
<https://www.ibm.com/support/docview.wss?uid=ibm10888463>
7.1
|
7.1.9.300
| AIX
HP-UX
Linux
Solaris
Windows |
<ftp://public.dhe.ibm.com/storage/tivoli-storage-management/patches/server/>
None.
CPE | Name | Operator | Version |
---|---|---|---|
ibm spectrum protect | eq | 8.1 | |
ibm spectrum protect | eq | 7.1 | |
tivoli storage manager | eq | 7.1 |