CVE-2018-1788

Name of the Vulnerable Software and Affected Versions: IBM Spectrum Protect Server versions 7.1 through 8.1

Description: The issue is related to inadequate storage of registration data, which could allow an attacker to gain unauthorized access to protected information using trace logs. A local privileged user could disclose highly sensitive information via these logs.

Recommendations: For IBM Spectrum Protect Server versions 7.1 through 8.1, consider restricting access to trace logs to minimize the risk of exploitation. As a temporary workaround, limit the privileges of local users who can access these logs until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.