IBM Spectrum Protect Plus may display the user id and password in plain text within the instrumentation log file.
CVEID: CVE-2018-1768 DESCRIPTION: IBM Spectrum Protect Plus could disclose sensitive information when an authorized user executes a test operation, the user id an password may be displayed in plain text within an instrumentation log file.
CVSS Base Score: 5.6
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148622> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N)
IBM Spectrum Protect Plus 10.1.0 and 10.1.1.
IBM Spectrum Protect Plus Release
| First Fixing
VRM Level|Platform|Link to Fix / Fix Availability Target
—|—|—|—
10.1
| 10.1.2 | Linux |
<http://www.ibm.com/support/docview.wss?uid=swg24044949>
.
None