The IBM Spectrum Protect (formerly Tivoli Storage Manager) Backup-Archive Client is vulnerable to a buffer overflow that could allow execution of arbitrary code on the local system or the application to crash.
CVEID: CVE-2019-4267 DESCRIPTION: The IBM Spectrum Protect Backup-Archive Client is vulnerable to a buffer overflow. This could allow execution of arbitrary code on the local system or the application to crash.
CVSS Base Score: 4.9
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/160200> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)
This security exposure affects IBM Spectrum Protect (formerly Tivoli Storage Manager) Backup-Archive Client levels:
Backup-Archive
Client Release |
First Fixing VRM Level
| APAR | Platform | Link to Fix
—|—|—|—|—
8.1 | 8.1.8 | IT28291 | AIX
Linux
Macintosh
Solaris
Windows |
<https://www.ibm.com/support/docview.wss?uid=ibm10885610>
7.1 | 7.1.8.6 | IT28291 | AIX
HP-UX
Linux
Macintosh
Solaris
Windows |
<https://www.ibm.com/support/docview.wss?uid=swg24044550>
None