PT-2019-16894 · Microsoft+1 · Windows+3

Publicado

2019-04-02

Atualizado

2020-08-24

CVE-2019-4093

CVSS v3.1

5.1

Média

Vetor

AV:L/PR:N/AC:L/S:U/C:L/UI:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions IBM Tivoli Storage Manager (IBM Spectrum Protect) version 8.1.7

Description The issue allows a user to restore files and directories using the IBM Spectrum Protect Client Web User Interface on Windows that they should not have access to due to incorrect file permissions.

Recommendations For version 8.1.7, consider restricting access to the IBM Spectrum Protect Client Web User Interface until a fix is available to prevent unauthorized file restoration.

Correção

Incorrect Permission

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-732

Identificadores relacionados

CVE-2019-4093

Produtos afetados

Ibm Spectrum Protect

Ibm Spectrum Protect Client Web User Interface

Ibm Tivoli Storage Manager

Windows

PT-2019-16894 · Microsoft+1 · Windows+3

CVE-2019-4093

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4