PT-2022-15458 · Ibm · Ibm Spectrum Protect Client

Published

2022-06-30

·

Updated

2022-07-08

·

CVE-2022-22478

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions IBM Spectrum Protect Client versions 8.1.0.0 through 8.1.14.0
Description The issue allows a local user to read user credentials stored in plain clear text.
Recommendations For versions 8.1.0.0 through 8.1.14.0, update to a version that stores user credentials securely to prevent unauthorized access.

Fix

Cleartext Storage of Sensitive Information

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-312

Related Identifiers

CVE-2022-22478

Affected Products

Ibm Spectrum Protect Client