Dec 13, 2019 - 7:41 p.m.

Security Bulletin: Incorrect permissions on CIT files in IBM Spectrum Protect Backup-Archive Client and IBM Spectrum Protect for Virtual Environments (CVE-2018-2025)

www.ibm.com

EPSS: 0.0004 (Low), Percentile: 12.7%

Summary

The IBM Spectrum Protect (formerly Tivoli Storage Manager) Backup-Archive Client creates directories/files in the CIT directory that have insecure permissions.

Vulnerability Details

**CVEID:** CVE-2018-2025
**DESCRIPTION:** IBM Spectrum Protect Client creates directories/files in the CIT subdirectory that are read/writable by everyone.
CVSS Base score: 5.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/155551 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)

Affected Products and Versions

Affected Product(s) | Version(s)
---|---
IBM Spectrum Protect (formerly Tivoli Storage Manager) Backup-Archive Client | 8.1.0.0-8.1.8.0, 7.1.0.0-7.1.8.5
IBM Spectrum Protect (formerly Tivoli Storage Manager) for Virtual Environments: Data Protection for VMware | 8.1.0.0-8.1.8.0, 7.1.0.0-7.1.8.5
IBM Spectrum Protect (formerly Tivoli Storage Manager) for Virtual Environments: Data Protection for Hyper-V | 8.1.0.0-8.1.8.0, 7.1.0.0-7.1.8.0

Remediation/Fixes

Backup-Archive Client Release | First Fixing VRM Level | APAR | Platform | Link to Fix
---|---|---|---|---
8.1 | 8.1.9 | IT27337 | AIX, Linux, Macintosh, Solaris, Windows | <http://www.ibm.com/support/docview.wss?uid=ibm11108473>
7.1 | 7.1.8.6 | IT27337 | AIX, HP-UX, Linux, Macintosh, Solaris, Windows | <http://www.ibm.com/support/docview.wss?uid=swg24044550>

Data Protection for VMware Release | First Fixing VRM Level | APAR | Platform | Link to Fix
---|---|---|---|---
8.1 | 8.1.9 | IT27400 | Linux, Windows | <http://www.ibm.com/support/docview.wss?uid=ibm11072396>
7.1 | 7.1.8.6 | IT27400 | Linux, Windows | Data Protection for VMware 7.1 customers can upgrade to Data Protection for VMware 7.1.8.6 or apply the above 7.1.8.6 client fix. Data Protection for VMware 7.1.8.6 link: <https://www.ibm.com/support/docview.wss?uid=swg24044553> Client 7.1.8.6 link: <http://www.ibm.com/support/docview.wss?uid=swg24044550>

Data Protection for Hyper-V Release | First Fixing VRM Level | APAR | Platform | Link to Fix
---|---|---|---|---
8.1 | 8.1.9 | IT27401 | Windows | <http://www.ibm.com/support/docview.wss?uid=ibm11072396>
7.1 | | | Windows | Apply the above 7.1.8.6 client fix using the following link: <http://www.ibm.com/support/docview.wss?uid=swg24044550>

Workarounds and Mitigations

The permissions on the cit/bin/etc folder and files can be modified to be more restrictive.
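
One way to apply this workaround on the UNIX-like platforms, shown as an added example that is not part of IBM's bulletin: list the world-writable entries under the CIT directory, then remove write access for "other". `CIT_DIR` and `APPLY` are hypothetical variable names, the bulletin does not give the directory's full path or a target mode, and this sketch only removes world write access.

```sh
#!/bin/sh
# Added example: audit a CIT directory for world-writable entries and tighten them.
# CIT_DIR and APPLY are hypothetical environment variables; the bulletin does not
# give the full path of the cit directory, so supply your installation's path.

# Print every entry under $1 that "other" can write to. Symlinks are skipped:
# their own mode bits are meaningless, only real files and directories matter.
cit_world_writable() {
    find "$1" ! -type l -perm -0002 -print
}

# Remove world write access from those entries. Because symlinks are excluded,
# chmod is never handed a link that points outside the tree.
cit_restrict() {
    find "$1" ! -type l -perm -0002 -exec chmod o-w {} +
}

# Report only by default; set APPLY=1 to change permissions.
if [ -n "${CIT_DIR:-}" ]; then
    echo "World-writable entries under $CIT_DIR:"
    cit_world_writable "$CIT_DIR"
    if [ "${APPLY:-0}" = "1" ]; then
        cit_restrict "$CIT_DIR"
        echo "Remaining after chmod o-w: $(cit_world_writable "$CIT_DIR" | wc -l)"
    fi
fi
```

Run it first without `APPLY=1` to review the list, and re-run the audit after upgrading to a fixed level to confirm the permissions stay restrictive.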
