PT-2019-10039 · Ibm · Ibm Spectrum Protect For Virtual Environments+1
Publicado
2019-11-25
·
Atualizado
2019-12-05
·
CVE-2018-2025
CVSS v3.1
4.4
Média
| Vetor | AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions:
IBM Spectrum Protect Backup-Archive Client and IBM Spectrum Protect for Virtual Environments versions 7.1 and 8.1
Description:
The issue allows directories and files in the CIT subdirectory to be created with read and write permissions for everyone.
Recommendations:
For versions 7.1 and 8.1, consider restricting access to the CIT subdirectory to minimize the risk of exploitation.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Incorrect Default Permissions
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ibm Spectrum Protect Backup-Archive Client
Ibm Spectrum Protect For Virtual Environments