IBM Spectrum Protect Plus may display the vSNAP CIFS password in the Spectrum Protect Plus job log
CVEID: CVE-2019-4385 DESCRIPTION: IBM Spectrum Protect Plus may display the vSnap CIFS password in the IBM Spectrum Protect Plus job log. This can result in an attacker gaining access to sensitive information as well as vSnap.
CVSS Base Score: 5.9
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/162173> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N)
IBM Spectrum Protect Plus 10.1.2.219 through 10.1.2.303.
Spectrum Protect Plus Release
| First Fixing
VRM Level|APAR|Platform|_Link to Fix _
—|—|—|—|—
10.1 | 10.1.3 | IT27644 | Linux |
<https://www.ibm.com/support/docview.wss?uid=ibm10743897>
None