Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBMDEC1108C2BFBF85F7C4855ACDAF0B31960EF69A6473916722284718CB922F210
HistoryFeb 01, 2022 - 11:37 a.m.

Security Bulletin: A security vulnerability has been identified in the IBM Spectrum Protect Client that affects multiple IBM Spectrum Protect products (CVE-2018-1786)

2022-02-0111:37:31
www.ibm.com
14

0.002 Low

EPSS

Percentile

58.9%

JSON

Summary

The IBM Spectrum Protect (formerly Tivoli Storage Manger) Client/API is used as a component of IBM Spectrum Protect Snapshot (formerly Tivoli Storage FlashCopy Manager) for Windows, IBM Spectrum Protect for Databases, and IBM Spectrum Protect for Mail. Information about a security vulnerability affecting the IBM Spectrum Protect Client/API has been published in a security bulletin.

Vulnerability Details

Consult the security bulletin Denial of Service vulnerability affects IBM Spectrum Protect Client and IBM Spectrum Protect for Virtual Environments (CVE-2018-1786) for vulnerability details and information about the fixes.

Affected Products and Versions

Principal Product and Version(s)

| Affected Supporting Product and Version
—|—
IBM Spectrum Protect Snapshot for Windows version 8.1 | IBM Spectrum Protect Client/API version 8.1.
IBM Spectrum Protect Snapshot (formerly Tivoli Storage FlashCopy Manager) for Windows version 4.1 | IBM Spectrum Protect (formerly Tivoli Storage Manager) Client/API version 7.1
Tivoli Storage FlashCopy Manager for Windows version 6.4 and below are EOS. IBM recommends upgrading to a supported level. | Tivoli Storage Manager Client/API version 6.4 and below are EOS. IBM recommends upgrading to a supported level.

Note: Within the IBM Spectrum Protect Snapshot on Windows product, the IBM Spectrum Protect Client is also referred to as the FlashCopy Manager VSS Requestor component.

Principal Product and Version(s)

| Affected Supporting Product and Version
—|—
IBM Spectrum Protect for Databases: Data Protection for Microsoft SQL Server version 8.1 | IBM Spectrum Protect Client/API version 8.1.
IBM Spectrum Protect for Databases (formerly Tivoli Storage Manager for Databases): Data Protection for Microsoft SQL Server version 7.1 | IBM Spectrum Protect (formerly Tivoli Storage Manager) Client/API version 7.1
Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server version 6.4 and below are EOS. IBM recommends upgrading to a supported level. | Tivoli Storage Manager Client/API version 6.4 and below are EOS. IBM recommends upgrading to a supported level.

Principal Product and Version(s)

| Affected Supporting Product and Version
—|—
IBM Spectrum Protect for Databases: Data Protection for Oracle version 8.1 | IBM Spectrum Protect Client/API version 8.1.
IBM Spectrum Protect for Databases (formerly Tivoli Storage Manager for Databases): Data Protection for Oracle version 7.1 | IBM Spectrum Protect (formerly Tivoli Storage Manager) Client/API version 7.1
Tivoli Storage Manager for Databases: Data Protection for Oracle version 6.4 and below are EOS. IBM recommends upgrading to a supported level. | Tivoli Storage Manager Client/API version 6.4 and below are EOS. IBM recommends upgrading to a supported level.

Principal Product and Version(s)

| Affected Supporting Product and Version
—|—
IBM Spectrum Protect for Mail: Data Protection for Microsoft Exchange Server version 8.1 | IBM Spectrum Protect Client/API version 8.1.
IBM Spectrum Protect for Mail (formerly Tivoli Storage Manager for Mail): Data Protection for Microsoft Exchange Server version 7.1 | IBM Spectrum Protect (formerly Tivoli Storage Manager) Client/API version 7.1
Tivoli Storage Manager for Mail: Data Protection for Microsoft Exchange Server version 6.4 and below are EOS. IBM recommends upgrading to a supported level. | Tivoli Storage Manager Client/API version 6.4 and below are EOS. IBM recommends upgrading to a supported level.

Principal Product and Version(s)

| Affected Supporting Product and Version
—|—
IBM Spectrum Protect for Mail (formerly Tivoli Storage Manager for Mail): Data Protection for Domino version 7.1 | IBM Spectrum Protect (formerly Tivoli Storage Manager) Client/API version 7.1
Tivoli Storage Manager for Mail: Data Protection for Domino version 6.4 and below are EOS. IBM recommends upgrading to a supported level. |

Tivoli Storage Manager Client/API version 6.4 and below are EOS. IBM recommends upgrading to a supported level.

Remediation/Fixes

Refer to the security bulletin Denial of Service vulnerability affects IBM Spectrum Protect Client and IBM Spectrum Protect for Virtual Environments (CVE-2018-1786).

Workarounds and Mitigations

Refer to the security bulletin Denial of Service vulnerability affects IBM Spectrum Protect Client and IBM Spectrum Protect for Virtual Environments (CVE-2018-1786).

Related

cve 1
nvd 1
cvelist 1
ibm 1
prion 1
nessus 1
cve
cve
CVE-2018-1786
2018-11-12 16:29:00
nvd
nvd
CVE-2018-1786
2018-11-12 16:29:00
cvelist
cvelist
CVE-2018-1786
2018-11-08 00:00:00
ibm
ibm
Security Bulletin: Denial of Service vulnerability affects IBM Spectrum Protect Client and IBM Spectrum Protect for Virtual Environments (CVE-2018-1786)
2019-08-21 21:18:42
prion
prion
Design/Logic Flaw
2018-11-12 16:29:00
nessus
nessus
IBM Spectrum Protect Client 7.1.x < 7.1.8.4 / 8.1.x < 8.1.6.1 Denial of Service Vulnerability (CVE-2018-1786)
2019-01-03 00:00:00

0.002 Low

EPSS

Percentile

58.9%

JSON
Related for DEC1108C2BFBF85F7C4855ACDAF0B31960EF69A6473916722284718CB922F210
cve1nvd1cvelist1ibm1prion1nessus1