PT-2022-15454 · Ibm · Ibm Spectrum Protect

Published

2022-06-30

Updated

2022-07-08

CVE-2022-22474

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions IBM Spectrum Protect versions 8.1.0.0 through 8.1.14.0

Description The issue arises from the incorrect handling of certain read operations on TCP/IP sockets by the dsmcad, dsmc, and dsmcsvc processes. This can lead to a denial of service for IBM Spectrum Protect client operations.

Recommendations For IBM Spectrum Protect versions 8.1.0.0 through 8.1.14.0, consider temporarily disabling the dsmcad, dsmc, and dsmcsvc processes to prevent exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2022-22474

Affected Products

Ibm Spectrum Protect

PT-2022-15454 · Ibm · Ibm Spectrum Protect

CVE-2022-22474

Related Identifiers

Affected Products

References · 6