Ibm · Ibm Spectrum Protect Server · CVE-2019-4088
**Name of the Vulnerable Software and Affected Versions**
IBM Spectrum Protect Servers versions 7.1 through 8.1
IBM Spectrum Protect Storage Agents versions 7.1 through 8.1
**Description**
A local attacker could gain elevated privileges on the system by loading a specially crafted library loaded by the dsmqsan module. This could allow the attacker to gain root privileges on the vulnerable system.
**Recommendations**
For IBM Spectrum Protect Servers versions 7.1 through 8.1, consider restricting access to the dsmqsan module until a patch is available.
For IBM Spectrum Protect Storage Agents versions 7.1 through 8.1, consider restricting access to the dsmqsan module until a patch is available.